sshd not working,OpenSSL version mismatch

Solution Verified - Updated 13 Jun 2025

Environment

Red Hat Enterprise Linux 9
openssl 3.2.2 (RHEL 9.5) or later
openssh 8.7p1-34.el9_3.3 or earlier (RHEL 9.0-9.3)

Issue

sshd start failure, log show OpenSSL version mismatch. Built against 30000070, you have 30200020

sshd[1191]: OpenSSL version mismatch. Built against 30000070, you have 30200020
systemd[1]: sshd.service: Main process exited, code=exited, status=255/EXCEPTION
systemd[1]: sshd.service: Failed with result 'exit-code'.

Resolution

Update openssh to 8.7p1-38.el9 and later.

Root Cause

openssh in RHEL 9.0-9.3 (8.7p1-34.el9_3.3 or earlier) checks openssl version strictly.
- The mismatch occurs because the OpenSSL version sshd was compiled against 30000070 is different from the OpenSSL version available at runtime 30200020. This can lead to compatibility issues.
openssh in RHEL 9.4 (8.7p1-38.el9) has relaxed openssl version check in preparation for a future openssl rebase.
RHEL 9.5 rebased OpenSSL from 3.0.7 to 3.2.2.
- RHEL 9.5 release notes
  - 4.2. Security - OpenSSL rebased to 3.2.2
  - 11.2. Security - OpenSSH in RHEL 9.0-9.3 is not compatible with OpenSSL 3.2.2

Diagnostic Steps

Check openssh and openssl package versions.

# rpm -q openssl openssh
openssl-3.2.2-6.el9_5.x86_64
openssh-8.7p1-34.el9_3.3.x86_64

SBR

Services

Product(s)

Red Hat Enterprise Linux

Components

Category

Troubleshoot

Tags

This solution is part of Red Hat’s fast-track publication program, providing a huge library of solutions that Red Hat engineers have created while supporting our customers. To give you the knowledge you need the instant it becomes available, these articles may be presented in a raw and unedited form.