Fatal FIPS Selftest Failures
This document (7016637) is provided subject to the disclaimer at the end of this document.
Federal Information Processing Standards (FIPS)
Other errors include:
sshd-gen-keys-start: fips.c(137): OpenSSL internal error, assertion failed: FATAL FIPS SELFTEST FAILURE
systemd: Failed to start OpenSSH Daemon.
wicked: Libgcrypt error: integrity check using '/usr/lib64/.libgcrypt.so.20.hmac' failed: No such file or directory
wicked: Libgcrypt notice: state transition Self-Test => Error
wicked: __ni__hashctx_new: gcry_md_open failed
wicked: cannot generate uuid for lo config - hashing failed
wicked: cannot generate uuid for eth0 config - hashing failed
Cat /proc/sys/crypto/fips_enabled shows 1
Cat /proc/cmdline includes fips=1
Running 'rpm -qa | grep fips' shows only: libfipscheck1 and fipscheck packages installed.
2. Install the "FIPS 140-2 specific packages" pattern or (zypper install patterns-sles-fips)
3. Reconfigure FIPS. (See TID7016636 - FIPS installed but not working)
4. Reboot the server with fips=1 kernel option.
This Support Knowledgebase provides a valuable tool for SUSE customers and parties interested in our products and solutions to acquire information, ideas and learn from one another. Materials are provided for informational, personal or non-commercial use within your organization and are presented "AS IS" WITHOUT WARRANTY OF ANY KIND.
- Document ID:7016637
- Creation Date: 26-Jun-2015
- Modified Date:03-Mar-2020
- SUSE Linux Enterprise Server
For questions or concerns with the SUSE Knowledgebase please contact: firstname.lastname@example.org