The FIPS mode disables MD5 digest, but gpg-agent with support for ssh requires MD5 to calculate legacy digests, placing them in comment of the control file. This fails, but no reasonable error message is presented to the user.
The gnupg2 should either stop using the MD5 digests (OpenSSH does not use them for years by default), ignore failures generating these fingerprints or at least report some usable errors to users in case this happens. Currently, the user interaction looks like this:
# ssh-add testkey Please enter a passphrase to protect the received secret key SHA256:IHw/1uKMQBjUXcFZItMsF2wnWP4fWJuubkSJxSBgvZw email@example.com within gpg-agent's key storage Passphrase: Repeat: Identity added: testkey (firstname.lastname@example.org) # ssh-add -l The agent has no identities.
My proposal is to ignore failures from generating the md5 fingerprints if they are not available, but I do not mind the other options.
Similarly issue is present in the tests that needs to be adjusted, probably to detect the fips mode based on the libgcrypt FIPS mode status. I have a patch for the t-ssh-utils.
There are other issues in FIPS mode mostly handling of algorithms unsupported in FIPS mode, but I did not get into the scm format yet to be able to fix them yet.