Your message dated Sat, 7 Apr 2018 11:12:41 +0100
with message-id <20180407101241.3hdso6hgpdxfg...@riva.ucam.org>
and subject line Re: Bug#614818: openssh-client: ssh(1) man page should note 
id_rsa encryption now uses AES, not 3DES
has caused the Debian Bug report #614818,
regarding openssh-client: ssh(1) man page should note id_rsa encryption now 
uses AES, not 3DES
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
614818: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=614818
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: openssh-client
Version: 1:5.8p1-2
Severity: normal

In the FILES section of ssh(1), it says:

     ~/.ssh/id_rsa
             Contains the private key for authentication.  These files contain
             sensitive data and should be readable by the user but not acces‐
             sible by others (read/write/execute).  ssh will simply ignore a
             private key file if it is accessible by others.  It is possible
             to specify a passphrase when generating the key which will be
             used to encrypt the sensitive part of this file using 3DES.

However, in a recent release, ssh-keygen has switched to using AES, not
3DES, to encrypt the private key. This is noted in the ssh-keygen(1) page,
in this same pkg:

     ~/.ssh/id_rsa
             Contains the protocol version 2 DSA, ECDSA or RSA authentication
             identity of the user.  This file should not be readable by anyone
             but the user.  It is possible to specify a passphrase when gener‐
             ating the key; that passphrase will be used to encrypt the pri‐
             vate part of this file using 128-bit AES.  [...]


This section should probably be the same across both man pages.

thanks much
calum.



-- System Information:
Debian Release: wheezy/sid
  APT prefers unstable
  APT policy: (500, 'unstable')
Architecture: i386 (i686)

Kernel: Linux 2.6.35.7 (PREEMPT)
Locale: LANG=en_GB.UTF-8, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/bash

Versions of packages openssh-client depends on:
ii  adduser              3.112+nmu2          add and remove users and groups
ii  debconf [debconf-2.0 1.5.38              Debian configuration management sy
ii  dpkg                 1.15.8.10           Debian package management system
ii  libc6                2.11.2-11           Embedded GNU C Library: Shared lib
ii  libedit2             2.11-20080614-2     BSD editline and history libraries
ii  libgssapi-krb5-2     1.8.1+dfsg-5        MIT Kerberos runtime libraries - k
ii  libselinux1          2.0.96-1            SELinux runtime shared libraries
ii  libssl0.9.8          0.9.8o-4            SSL shared libraries
ii  passwd               1:4.1.4.2+svn3283-2 change and administer password and
ii  zlib1g               1:1.2.3.4.dfsg-3    compression library - runtime

Versions of packages openssh-client recommends:
ii  openssh-blacklist             0.4.1      list of default blacklisted OpenSS
ii  openssh-blacklist-extra       0.4.1      list of non-default blacklisted Op
ii  xauth                         1:1.0.5-1  X authentication utility

Versions of packages openssh-client suggests:
ii  gtk-led-askpass [ssh-askpass 0.11-1      GTK+ password dialog suitable for 
ii  keychain                     2.6.8-2     key manager for OpenSSH
pn  libpam-ssh                   <none>      (no description available)
ii  ssh-askpass                  1:1.2.4.1-9 under X, asks user for a passphras

-- debconf-show failed



--- End Message ---
--- Begin Message ---
Source: openssh
Source-Version: 1:7.7p1-1

On Wed, Oct 04, 2017 at 01:02:30PM +0100, Colin Watson wrote:
> Thanks.  I've belatedly confirmed that this is still the case in 7.6p1,
> and forwarded your bug upstream as
> https://bugzilla.mindrot.org/show_bug.cgi?id=2788.

Fixed in OpenSSH 7.7p1.

-- 
Colin Watson                                       [cjwat...@debian.org]

--- End Message ---
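
Since the man page text discussed in this report could not be relied on to say which cipher protects a passphrase-encrypted key, the key file itself is the authoritative place to look. The following is an added example, not part of the bug thread and not OpenSSH code: it reads the cipher name from the legacy PEM `DEK-Info` header and, going beyond the report, from the newer `openssh-key-v1` container. The function names and sample keys are constructed for illustration.

```python
import base64
import struct

OPENSSH_MAGIC = b"openssh-key-v1\x00"

def _ssh_string(buf, off):
    """Read one SSH wire string (uint32 big-endian length, then bytes)."""
    if off + 4 > len(buf):
        raise ValueError("truncated key blob")
    (n,) = struct.unpack_from(">I", buf, off)
    if off + 4 + n > len(buf):
        raise ValueError("truncated key blob")
    return buf[off + 4:off + 4 + n]

def key_encryption(text):
    """Return (container, cipher); cipher is None if the key is unencrypted."""
    lines = [ln.strip() for ln in text.strip().splitlines()]
    if len(lines) < 3 or not lines[0].startswith("-----BEGIN "):
        raise ValueError("not a PEM-armoured private key")
    if lines[0] == "-----BEGIN OPENSSH PRIVATE KEY-----":
        blob = base64.b64decode("".join(lines[1:-1]))
        if not blob.startswith(OPENSSH_MAGIC):
            raise ValueError("bad openssh-key-v1 magic")
        name = _ssh_string(blob, len(OPENSSH_MAGIC)).decode("ascii")
        return "openssh-key-v1", (None if name == "none" else name)
    # Legacy PEM: the cipher is named in the DEK-Info header, before the IV.
    for ln in lines[1:]:
        if ln.startswith("DEK-Info:"):
            return "pem", ln.split(":", 1)[1].split(",")[0].strip()
        if not ln:
            break  # a blank line ends the header block
    return "pem", None

# Constructed samples: realistic headers, placeholder IVs and key bodies.
def _legacy(cipher, iv):
    return ("-----BEGIN RSA PRIVATE KEY-----\nProc-Type: 4,ENCRYPTED\n"
            f"DEK-Info: {cipher},{iv}\n\nQ09OU1RSVUNURUQ=\n"
            "-----END RSA PRIVATE KEY-----\n")

def _new_format(cipher):
    blob = OPENSSH_MAGIC + struct.pack(">I", len(cipher)) + cipher.encode()
    return ("-----BEGIN OPENSSH PRIVATE KEY-----\n"
            + base64.b64encode(blob).decode()
            + "\n-----END OPENSSH PRIVATE KEY-----\n")

SAMPLES = {
    "legacy-3des": _legacy("DES-EDE3-CBC", "0011223344556677"),
    "legacy-aes": _legacy("AES-128-CBC", "00112233445566778899AABBCCDDEEFF"),
    "legacy-plain": "-----BEGIN RSA PRIVATE KEY-----\nQ09OU1RSVUNURUQ=\n"
                    "-----END RSA PRIVATE KEY-----\n",
    "new-aes": _new_format("aes256-ctr"),
    "new-plain": _new_format("none"),
}
```

A result of `("pem", "DES-EDE3-CBC")` identifies a key still encrypted with 3DES, which can be re-encrypted by changing its passphrase with `ssh-keygen -p`.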