Unable to login after enabling FIPS

Hi,

Unable to login after FIPS was enabled.
Error message:
debug1: load_hostkeys: fopen /etc/ssh/ssh_known_hosts: No such file or directory
debug1: load_hostkeys: fopen /etc/ssh/ssh_known_hosts2: No such file or directory
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: algorithm: curve25519-sha256
debug1: kex: host key algorithm: ecdsa-sha2-nistp256
debug1: kex: server->client cipher: chacha20-poly1305@openssh.com MAC: compression: none
debug1: kex: client->server cipher: chacha20-poly1305@openssh.com MAC: compression: none
debug1: expecting SSH2_MSG_KEX_ECDH_REPLY
Connection closed by 10.87.14.156 port 22

Steps Followed
yum install -y dracut-fips
dracut -f
/sbin/grubby --update-kernel=ALL --args="fips=1"
reboot

Seems like the ssh config changed after FIPS was enabled.

Are the steps I followed correct?
Let me know if I need to make any changes.
Can you help me on this?


Only certain ciphers are allowed to be used with SSH once you've enabled FIPS mode. You may need to delete your existing key and regenerate with an approved one. IIRC ed25519 is not an allowed cipher, which causes issues on AWS since that's one of the types it suggests when asking you to generate keys. You can use the following command to determine if FIPS is enabled.

fips-mode-setup --check

https://www.federalregister.gov/documents/2023/02/03/2023-02273/announcing-issuance-of-federal-information-processing-standard-fips-186-5-digital-signature-standard

Since February 2023…
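Added example for this thread (not code from either post above): a small POSIX shell script that reads an `ssh -v` transcript like the one in the question and lists each negotiated algorithm that a FIPS-mode sshd will not accept, plus a kernel-side FIPS check that works even on hosts where `fips-mode-setup` is not installed (it reads `/proc/sys/crypto/fips_enabled`, which is what `fips=1` on the kernel command line sets). The allow-lists are an assumption based on the algorithm sets commonly permitted by FIPS-mode OpenSSH on RHEL; confirm them on your own server with `sshd -T`. The sample transcript inside the script is a constructed copy of the relevant lines from the question.

```shell
# Added example, not the original poster's or the replier's code.
# Flags negotiated SSH algorithms that fall outside a FIPS allow-list.

# ASSUMED FIPS-acceptable algorithm sets (space separated so plain sh can loop).
# Verify against `sshd -T | grep -iE '^(kexalgorithms|ciphers|macs|hostkeyalgorithms)'`.
FIPS_KEX="ecdh-sha2-nistp256 ecdh-sha2-nistp384 ecdh-sha2-nistp521 diffie-hellman-group-exchange-sha256 diffie-hellman-group14-sha256 diffie-hellman-group16-sha512 diffie-hellman-group18-sha512"
FIPS_CIPHERS="aes128-ctr aes192-ctr aes256-ctr aes128-gcm@openssh.com aes256-gcm@openssh.com aes128-cbc aes192-cbc aes256-cbc"
FIPS_MACS="hmac-sha1 hmac-sha2-256 hmac-sha2-512 hmac-sha1-etm@openssh.com hmac-sha2-256-etm@openssh.com hmac-sha2-512-etm@openssh.com"
FIPS_HOSTKEYS="ecdsa-sha2-nistp256 ecdsa-sha2-nistp384 ecdsa-sha2-nistp521 rsa-sha2-256 rsa-sha2-512 ssh-rsa"

# in_list NAME "LIST": succeed when NAME is one of the words in LIST.
in_list() {
  needle=$1
  for word in $2; do
    [ "$word" = "$needle" ] && return 0
  done
  return 1
}

# check_ssh_debug: read `ssh -v` output on stdin and print "<role> <algorithm>"
# for every negotiated algorithm outside the allow-lists. Returns 1 if any.
check_ssh_debug() {
  rc=0
  while IFS= read -r line; do
    case "$line" in
      *"kex: algorithm: "*)
        algo=${line##*"kex: algorithm: "}
        in_list "$algo" "$FIPS_KEX" || { echo "kex $algo"; rc=1; }
        ;;
      *"kex: host key algorithm: "*)
        algo=${line##*"host key algorithm: "}
        in_list "$algo" "$FIPS_HOSTKEYS" || { echo "hostkey $algo"; rc=1; }
        ;;
      *" cipher: "*)
        # e.g. "kex: server->client cipher: aes256-ctr MAC: hmac-sha2-256 compression: none".
        # AEAD ciphers leave the MAC field empty, which shows up here as "compression:".
        algo=${line##*" cipher: "}; algo=${algo%% *}
        in_list "$algo" "$FIPS_CIPHERS" || { echo "cipher $algo"; rc=1; }
        mac=${line##*"MAC: "}; mac=${mac%% *}
        if [ "$mac" != "compression:" ]; then
          in_list "$mac" "$FIPS_MACS" || { echo "mac $mac"; rc=1; }
        fi
        ;;
    esac
  done
  return $rc
}

# fips_enabled [FILE]: kernel-side check that does not need fips-mode-setup.
# FILE defaults to /proc/sys/crypto/fips_enabled and is overridable for testing.
fips_enabled() {
  f=${1:-/proc/sys/crypto/fips_enabled}
  [ -r "$f" ] && [ "$(cat "$f")" = "1" ]
}

# join_csv WORD...: comma-join the arguments (runs in a subshell so IFS stays local).
join_csv() ( IFS=','; echo "$*" )

# fips_client_opts: ssh options that pin the client to the allow-lists, handy to
# confirm the server accepts a session once both sides offer FIPS algorithms:
#   ssh $(fips_client_opts) -v user@host
fips_client_opts() {
  printf '%s %s %s %s\n' \
    "-o KexAlgorithms=$(join_csv $FIPS_KEX)" \
    "-o Ciphers=$(join_csv $FIPS_CIPHERS)" \
    "-o MACs=$(join_csv $FIPS_MACS)" \
    "-o HostKeyAlgorithms=$(join_csv $FIPS_HOSTKEYS)"
}

# Constructed sample: the negotiation lines from the failing session in the question.
SAMPLE_DEBUG='debug1: kex: algorithm: curve25519-sha256
debug1: kex: host key algorithm: ecdsa-sha2-nistp256
debug1: kex: server->client cipher: chacha20-poly1305@openssh.com MAC: compression: none
debug1: kex: client->server cipher: chacha20-poly1305@openssh.com MAC: compression: none'

# sample_findings: run the checker over the constructed sample.
sample_findings() { printf '%s\n' "$SAMPLE_DEBUG" | check_ssh_debug; }

# Real usage on the failing client:  ssh -v user@host 2>&1 | check_ssh_debug
```

Against the transcript in the question the checker reports `kex curve25519-sha256` and `cipher chacha20-poly1305@openssh.com` (once per direction) and leaves the `ecdsa-sha2-nistp256` host key alone, which is the first thing to compare with the server's `sshd -T` output before touching keys.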