Rocky 9.1 SSH login issue in FIPS mode

I am currently working on building a test environment in FIPS mode and having issues doing an SSH into the box.

From PuTTY I get “Remote side unexpectedly closed network connection”

From a 9.1 box to 9.1 box, the messages are:
“kex_gen_client: Key exchange type c25519 is not allowed in FIPS mode”
“ssh_dispatch_run_fatal: Connection to IP_ADDRESS port 22: invalid argument”

I have found where there are issues going back to RHEL 6, but I would think that would not be an issue between Rocky 8 or 9.

I have tried the fixes that they have put out for RHEL 6 without success. Has anyone else found this issue?


So I have found a work-around for this.

I removed all references to 25519 in the /etc/crypto-policies/back-ends directory. There are soft links for most of the files in the /usr/share/crypto-policies/DEFAULT directory.

After a reboot the ssh connection was made from both PuTTY and another server.