Guest

Preview Tool

Cisco Bug: CSCvu95540 - crypto fips-mode commit fails in presence of a stall scp connection

Last Modified

Aug 04, 2020

Products (1)

  • Cisco ASR 9000 Series Aggregation Services Routers

Known Affected Releases

7.1.2.BASE

Description (partial)

Symptom:
When FIPS mode is turned on when any verifier process like SSH is blocked, FIPS mode enablement fails.

(config)#show configuration failed 
Wed Jul  1 10:21:35.667 IST
!! SEMANTIC ERRORS: This configuration was rejected by 
!! the system due to semantic errors. The individual 
!! errors with each failed configuration command can be 
!! found below.
crypto fips-mode
!!% The process 'ssh_xr' took too long to respond to a verification request and was timed out
end

Conditions:
Verifier process like ssh if stalled and then FIPS mode is turned on is when this problem is seen
Bug details contain sensitive information and therefore require a Cisco.com account to be viewed.

Bug Details Include

  • Full Description (including symptoms, conditions and workarounds)
  • Status
  • Severity
  • Known Fixed Releases
  • Related Community Discussions
  • Number of Related Support Cases
Bug information is viewable for customers and partners who have a service contract. Registered users can view up to 200 bugs per month without a service contract.