certificate that doesn't also have another in-memory private key Reply-To: In-Reply-To: <[email protected]> X-Operating-System: Linux io 3.16.0-4-amd64
On Thu, Apr 28, 2016 at 11:41:39 +0100, Colin Watson wrote: > On Thu, Apr 28, 2016 at 05:43:43PM +0800, gustavo panizzo wrote: > > Package: openssh-client > > Version: 1:7.2p2-5 > > Severity: normal > > > > Hello > > > > I'm affected by this upstream bug > > https://bugzilla.mindrot.org/show_bug.cgi?id=2550 > > > > Can you apply the patch to 7.2 package? > > That is what I did in the very version that you report as being affected > above! > > openssh (1:7.2p2-5) unstable; urgency=medium > > * Backport upstream patch to unbreak authentication using lone certificate > keys in ssh-agent: when attempting pubkey auth with a certificate, if no > separate private key is found among the keys then try with the > certificate key itself (thanks, Paul Querna; LP: #1575961). > > -- Colin Watson <[email protected]> Thu, 28 Apr 2016 01:52:01 +0100 > > Are you sure that you were affected by this in 1:7.2p2-5, and not in > 1:7.2p2-4 or earlier versions? I tested earlier today 1:7.2p2-5 and it failed, I didn't even look at the changelog, I will test tomorrow again. -- 1AE0 322E B8F7 4717 BDEA BF1D 44BB 1BA7 9F6C 6333 keybase: http://keybase.io/gfa
