After enabling FIPS mode on a Linux repository server, backup jobs fail; log review reveals that Veeam Backup & Replication is unable to make an SSH connection to the repository:
[31.08.2019 00:00:00] Warning Failed to create SSH connection to host: '<hostname>', port: 22, user: '<username>', elevation to root: 'yes', autoSudo: no, use su if sudo fails: no, auth type: 'Password', host name: <hostname>, IPs: [<ipaddress>].. Server does not support diffie-hellman-group1-sha1 for keyexchange
After you enable FIPS mode on a Linux repository server:
Veeam Backup & Replication will start using a FIPS compatible SSH library to connect to the Linux server.
If you receive the error "Permission denied (password)," check that the credentials used to connect to the server are valid.
If you receive the error "Unable to establish connection to host," ensure there are no firewalls blocking port 22 between the Veeam backup server and the Linux server. As an isolation step, try using PuTTY to make an SSH connection to the Linux server from the Veeam backup server using the same credentials that are specified in the Veeam backup console. This will help to ensure that it is possible to connect to the server outside of the Veeam software.
If Veeam Backup & Replication displays an error regarding negotiation, review KB2061 for a list of compatible Ciphers, Key Exchange Algorithms, and MAC Algorithms.
If issues remain, please contact Veeam Support.
This form is only for KB Feedback/Suggestions, if you need help with the software open a support case