Your message dated Sun, 2 Apr 2017 03:04:38 +0100
with message-id <[email protected]>
and subject line Re: Bug#817836: openssh-server: ECDSA host key creation after
upgrades
has caused the Debian Bug report #817836,
regarding openssh-server: ECDSA host key creation after upgrades
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)
--
817836: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=817836
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Package: openssh-server
Version: 1:6.0p1-4+deb7u3
Severity: wishlist
Dear Maintainer,
We're upgrading some systems from Debian 6 to Debian 7 (and then maybe 8). As
part of the update, the newer version of OpenSSH supports the newer ECDSA
format.
However, after the upgrade is complete, and I run 'dpkg-reconfigure
openssh-server', the "/etc/ssh/ssh_host_ecdsa_key" is not generated.
It seems that the package doesn't touch sshd_config(5) to add the new
HostKey file.
This isn't necessarily a bad thing, but could you add functinality so that
the user is prompted about updating "/etc/ssh/sshd_config"? If there have
been no local changes then the new file can be installed, but if there are
site-specific modifications then the admin can decide what to do.
-- System Information:
Debian Release: 7.9
APT prefers oldstable
APT policy: (500, 'oldstable')
Architecture: amd64 (x86_64)
Kernel: Linux 3.2.0-4-amd64 (SMP w/2 CPU cores)
Locale: LANG=en_CA.UTF-8, LC_CTYPE=en_CA.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Versions of packages openssh-server depends on:
ii adduser 3.113+nmu3
ii debconf [debconf-2.0] 1.5.49
ii dpkg 1.16.17
ii libc6 2.13-38+deb7u10
ii libcomerr2 1.42.5-1.1+deb7u1
ii libgssapi-krb5-2 1.10.1+dfsg-5+deb7u7
ii libkrb5-3 1.10.1+dfsg-5+deb7u7
ii libpam-modules 1.1.3-7.1
ii libpam-runtime 1.1.3-7.1
ii libpam0g 1.1.3-7.1
ii libselinux1 2.1.9-5
ii libssl1.0.0 1.0.1e-2+deb7u20
ii libwrap0 7.6.q-24
ii lsb-base 4.1+Debian8+deb7u1
ii openssh-client 1:6.0p1-4+deb7u3
ii procps 1:3.3.3-3
ii zlib1g 1:1.2.7.dfsg-13
-- debconf information excluded
--- End Message ---
--- Begin Message ---
Source: openssh
Source-Version: 1:7.4p1-1
On Thu, Mar 10, 2016 at 02:06:17PM -0500, David Magda wrote:
> We're upgrading some systems from Debian 6 to Debian 7 (and then maybe 8). As
> part of the update, the newer version of OpenSSH supports the newer ECDSA
> format.
>
> However, after the upgrade is complete, and I run 'dpkg-reconfigure
> openssh-server', the "/etc/ssh/ssh_host_ecdsa_key" is not generated.
>
> It seems that the package doesn't touch sshd_config(5) to add the new
> HostKey file.
>
> This isn't necessarily a bad thing, but could you add functinality so that
> the user is prompted about updating "/etc/ssh/sshd_config"? If there have
> been no local changes then the new file can be installed, but if there are
> site-specific modifications then the admin can decide what to do.
I fixed this in openssh 1:7.4p1-1 by switching to managing sshd_config
using ucf.
Thanks,
--
Colin Watson [[email protected]]
--- End Message ---
