Package: libssh2-1 Version: 1.4.0-1 Severity: normal
This case reported already in one of tools whis uses libssh2: https://support.zabbix.com/browse/ZBX-4850 Here is almost the same description: Debain'n package is using Libgcrypt: http://packages.debian.org/squeeze/libssh2-1 Why it happened? Here: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=409362 And as result Debian's package is using Libgcrypt :( In the same time openssh-client is using only OpenSSL: http://packages.debian.org/squeeze/openssh-client so, the problen is not visible when try an private key *with* passphrase from console (by openssh-client). Quoting Simon: "The Libgcrypt backend in libssh2 contains a hand written slimmed down ASN.1 parser to read out the RSA key, but it does not support any of the PKCS* encrypted forms of RSA keys. The OpenSSL backend in libssh2 uses OpenSSL to read the keys, so it supports whatever private key formats that OpenSSL supports." and "Are you using libgcrypt or OpenSSL as the backend? The libgcrypt backend can only read unencrypted private keys." Sources: http://www.mail-archive.com/libssh2-devel@cool.haxx.se/msg02226.html http://www.mail-archive.com/libssh2-devel@cool.haxx.se/msg02057.html >From a #libssh2 on a Freenode I learned that Simon is the author of the >libgcrypt backend for libssh The library libssh2 for several other checked distros (centos, gentoo) and freebsd is using default OpenSSL So, I'd suggest to discard changes performed in the http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=409362 Thanks! -- System Information: Debian Release: 6.0.4 APT prefers stable APT policy: (990, 'stable'), (500, 'stable-updates') Architecture: amd64 (x86_64) Kernel: Linux 2.6.32-5-amd64 (SMP w/4 CPU cores) Locale: LANG=en_GB.UTF-8, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Versions of packages libssh2-1 depends on: ii libc6 2.11.3-2 Embedded GNU C Library: Shared lib ii libgcrypt11 1.4.5-2 LGPL Crypto library - runtime libr ii multiarch-support 2.13-27 Transitional package to ensure mul ii zlib1g 1:1.2.3.4.dfsg-3 compression library - runtime libssh2-1 recommends no packages. libssh2-1 suggests no packages. -- no debconf information -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
