Information
The ESXi host SSH daemon must use FIPS 140-2/140-3 validated cryptographic modules. OpenSSH on the ESXi host ships with a FIPS 140-2/140-3 validated cryptographic module, and it is enabled by default. For backward compatibility reasons, this can be deactivated. Therefore, this setting must be audited and corrected if necessary.
Solution
$ESXcli = Get-EsxCli -VMHost $ESXi -V2
$arguments = $ESXcli.system.security.fips140.ssh.set.CreateArgs()
$arguments.enable = $true
$ESXcli.system.security.fips140.ssh.set.Invoke($arguments)