With FIPS enabled the Dashboard component of Webmin breaks. Instead of reporting the nice graphs in Authentic Theme, it simply reports an error of "Unable to encrypt password : "
Highly likely. FIPS forces the kernel to use only encryption algorithms that the FIPS standard has approved. i.e. MD5 is not considered secure. I understand this isn't really something Webmin would want to change perse, but perhaps a method for a user to change?
Either way, I'm not sure if that's even entirely relevant in this scenario as I was not trying to create a new user or change a password. I simply logged in (successfully) and all modules work except for the Dashboard.
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
Can you try adding the line error_stack=1 to /etc/webmin/config , re-opening the dashboard page, and then paste here the full error that gets logged to /var/webmin/miniserv.error (or displayed in the UI). That should show me where the offending call to crypt is .
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
Does FIPS perhaps change the behavior of the crypt() function?
Highly likely. FIPS forces the kernel to use only encryption algorithms that the FIPS standard has approved. i.e. MD5 is not considered secure. I understand this isn't really something Webmin would want to change perse, but perhaps a method for a user to change?
Either way, I'm not sure if that's even entirely relevant in this scenario as I was not trying to create a new user or change a password. I simply logged in (successfully) and all modules work except for the Dashboard.
Can you try adding the line
error_stack=1to/etc/webmin/config, re-opening the dashboard page, and then paste here the full error that gets logged to/var/webmin/miniserv.error(or displayed in the UI). That should show me where the offending call tocryptis .