SSH Weirdness When FIPS Mode Enabled

A customer recently asked me to help them sort out getting FIPS mode enabled on some of their systems. As per normal, before sending a procedure over, I took a test system and walked through the procedures. I also ensured that our standard MACs and Ciphers directives were commented out so that the SSHD would allow connections at all. Everything appeared to be functional, so I left my system configured for FIPS.

Today, I was trying to work with one of our GIT repos that only allows SSH-based repo-access. GIT attempted to connect via SSH and the SSH client asked me for my key's password. I entered it, and it told me my password was incorrect. I tried again, outside the context of GIT, and got the same error (even though I verified I wasn't fat-fingering anything). So, I rebooted my host out of FIPS mode. Once it came back from reboot, plain and GIT-wrapped SSH key-unlocks worked as previously.

Anyone run into anything similar? I'm still Googling about, but haven't found the right combination of terms to dig up something relevant/useful. Running the SSH daemon and client in verbose/debug modes hasn't given me anything useful, either.
