Bug#959481: alpine: does not connect with TLS to smtp/imap server

2020-05-13 Thread Eduardo Chappa 

On Wed, 13 May 2020, Βασίλειος A. Ζοῦκος wrote:


I think that the problem has been solved and I would like to thank
all of you for your prompt responses.


I am glad to read the problem is solved, but I would like to encourage 
Debian to not to do this kind of changes by default in its encryption 
library. Instead, my adivce is that the reasons that lead to these changes 
be taken as a minimum of what Debian should support. There are many users 
that for valid reasosn cannot use more modern encryption protocols, and so 
when I support software, I have to support users to use the low encryption 
protocol if that is all they can afford, but make the default the high 
encryption protocols. That is what encryption libraries offer, and users 
should be able to pick using lower encryption protocols, if they so wish 
to, or only use high encryption protocols, if they can do so, but that 
should be a choice of a user on a case by case basis, not a blanket rule 
to apply to everyone. This is an example of what could happen when you 
decide to do so. We might see this experience become a FAQ if Debian 
continues to do this.


--
Eduardo

Bug#959481: alpine: does not connect with TLS to smtp/imap server

2020-05-13 Thread Βασίλειος A . Ζοῦκος 

Hi,
Following the hint in the last paragraph of the file:
/usr/share/doc/libssl1.1/NEWS.Debian.gz
I changed the parameters in section [system_default_sect] of the file
/etc/ssl/openssl.cnf
as follows:
+---+---+---+
VariableFrom:   To:
+---+---+---+
MinProtocol TLSv1.2 None
CipherStringDEFAULT@SECLEVEL=2  DEFAULT
+---+---+---+
After this change, the alpine ver. 2.22 works as expected
(same as ver. 2.20) on my debian system with:
# hostnamectl 
---

   Static hostname: debian64-izoukos
 Icon name: computer-laptop
   Chassis: laptop
Machine ID: 3fd0fab79bb149d884aa4d3167b9f307
   Boot ID: 6ca89e4927d845dbb5637a7a3b44dd82
  Operating System: Debian GNU/Linux 10 (buster)
Kernel: Linux 4.9.0-9-amd64
  Architecture: x86-64
---
I think that the problem has been solved and I would like to thank all
of you for your prompt responses.

Thanks and best regards!
V. Z.
On Tue, 12 May 2020, Unit 193 wrote:


Howdy,

I noticed that your initial report claims that you're running buster, but the 
version you are comparing the buster backport to is from oldstable.  This 
means that rather than linking against the same version of openssl, the older 
version of alpine you're running is linked against openssl1.0 which is no 
longer in Debian.


If you really are on buster, can you also try alpine 2.21 from the buster 
repos? One larger change with buster was that openssl changed the default 
minimum TLS version from TLSv1 to TLSv1.2.  For full information see 
/usr/share/doc/libssl1.1/NEWS.Debian.gz



~Unit 193
Unit193 @ freenode
Unit193 @ OFTC

On Mon, 11 May 2020, Eduardo Chappa wrote:


On Mon, 11 May 2020, Βασίλειος A. Ζοῦκος wrote:

Bug#959481: alpine: does not connect with TLS to smtp/imap server

2020-05-12 Thread Unit 193 

Howdy,

I noticed that your initial report claims that you're running buster, but the 
version you are comparing the buster backport to is from oldstable.  This means 
that rather than linking against the same version of openssl, the older version 
of alpine you're running is linked against openssl1.0 which is no longer in 
Debian.


If you really are on buster, can you also try alpine 2.21 from the buster repos? 
One larger change with buster was that openssl changed the default minimum TLS 
version from TLSv1 to TLSv1.2.  For full information see 
/usr/share/doc/libssl1.1/NEWS.Debian.gz



~Unit 193
Unit193 @ freenode
Unit193 @ OFTC

On Mon, 11 May 2020, Eduardo Chappa wrote:


On Mon, 11 May 2020, Βασίλειος A. Ζοῦκος wrote:


Thanks for the informative responses.
More information on the subject:
1. The variable Encryption Protocol Range  appears only in alpine
ver. 2.22 with the assignment:
Encryption Protocol Range  = 


Yes, and since you have not modified it, nor Debian did, that means that your 
version of Alpine supports all the encryption protocols supported by the 
underlying version of openssl.


Now it is the job of the Debian maintainer to investigate which protocols 
were used to compile each of the versions of Openssl that were used to link 
against each version of Alpine.


Let us wait for that report, and we can figure out what the next action will 
be.


~Unit 193
Unit193 @ freenode
Unit193 @ OFTC

Bug#959481: alpine: does not connect with TLS to smtp/imap server

2020-05-11 Thread Eduardo Chappa 

On Mon, 11 May 2020, Βασίλειος A. Ζοῦκος wrote:


Thanks for the informative responses.
More information on the subject:
1. The variable Encryption Protocol Range  appears only in alpine
ver. 2.22 with the assignment:
Encryption Protocol Range  = 


Yes, and since you have not modified it, nor Debian did, that means that 
your version of Alpine supports all the encryption protocols supported by 
the underlying version of openssl.


Now it is the job of the Debian maintainer to investigate which protocols 
were used to compile each of the versions of Openssl that were used to 
link against each version of Alpine.


Let us wait for that report, and we can figure out what the next action 
will be.


--
Eduardo

Bug#959481: alpine: does not connect with TLS to smtp/imap server

2020-05-11 Thread Βασίλειος A . Ζοῦκος 

Thanks for the informative responses.
More information on the subject:
1. The variable Encryption Protocol Range  appears only in alpine
ver. 2.22 with the assignment:
Encryption Protocol Range  = 
2. Attached are the outputs of the commands:
# ldd /usr/bin/alpine_2_20
# ldd /usr/bin/alpine_2_22

Thanks again for your help!linux-vdso.so.1 (0x7ffc7c998000)
libgssapi_krb5.so.2 => /usr/lib/x86_64-linux-gnu/libgssapi_krb5.so.2 
(0x7f09effe1000)
libldap_r-2.4.so.2 => /usr/lib/x86_64-linux-gnu/libldap_r-2.4.so.2 
(0x7f09eff8d000)
libcrypto.so.1.0.2 => /usr/lib/x86_64-linux-gnu/libcrypto.so.1.0.2 
(0x7f09efb27000)
libssl.so.1.0.2 => /usr/lib/x86_64-linux-gnu/libssl.so.1.0.2 
(0x7f09ef8be000)
libtinfo.so.5 => /lib/x86_64-linux-gnu/libtinfo.so.5 
(0x7f09ef892000)
liblber-2.4.so.2 => /usr/lib/x86_64-linux-gnu/liblber-2.4.so.2 
(0x7f09ef881000)
libpam.so.0 => /lib/x86_64-linux-gnu/libpam.so.0 (0x7f09ef86e000)
libkrb5.so.3 => /usr/lib/x86_64-linux-gnu/libkrb5.so.3 
(0x7f09ef78e000)
libpthread.so.0 => /lib/x86_64-linux-gnu/libpthread.so.0 
(0x7f09ef76d000)
libc.so.6 => /lib/x86_64-linux-gnu/libc.so.6 (0x7f09ef5ac000)
libk5crypto.so.3 => /usr/lib/x86_64-linux-gnu/libk5crypto.so.3 
(0x7f09ef578000)
libcom_err.so.2 => /lib/x86_64-linux-gnu/libcom_err.so.2 
(0x7f09ef572000)
libkrb5support.so.0 => /usr/lib/x86_64-linux-gnu/libkrb5support.so.0 
(0x7f09ef561000)
libdl.so.2 => /lib/x86_64-linux-gnu/libdl.so.2 (0x7f09ef55c000)
libkeyutils.so.1 => /lib/x86_64-linux-gnu/libkeyutils.so.1 
(0x7f09ef555000)
libresolv.so.2 => /lib/x86_64-linux-gnu/libresolv.so.2 
(0x7f09ef53b000)
libsasl2.so.2 => /usr/lib/x86_64-linux-gnu/libsasl2.so.2 
(0x7f09ef51e000)
libgnutls.so.30 => /usr/lib/x86_64-linux-gnu/libgnutls.so.30 
(0x7f09ef372000)
libaudit.so.1 => /lib/x86_64-linux-gnu/libaudit.so.1 
(0x7f09ef345000)
/lib64/ld-linux-x86-64.so.2 (0x7f09f092d000)
libp11-kit.so.0 => /usr/lib/x86_64-linux-gnu/libp11-kit.so.0 
(0x7f09ef216000)
libidn2.so.0 => /usr/lib/x86_64-linux-gnu/libidn2.so.0 
(0x7f09ef1f7000)
libunistring.so.2 => /usr/lib/x86_64-linux-gnu/libunistring.so.2 
(0x7f09ef073000)
libtasn1.so.6 => /usr/lib/x86_64-linux-gnu/libtasn1.so.6 
(0x7f09eee6)
libnettle.so.6 => /usr/lib/x86_64-linux-gnu/libnettle.so.6 
(0x7f09eee26000)
libhogweed.so.4 => /usr/lib/x86_64-linux-gnu/libhogweed.so.4 
(0x7f09eeded000)
libgmp.so.10 => /usr/lib/x86_64-linux-gnu/libgmp.so.10 
(0x7f09eed6a000)
libcap-ng.so.0 => /lib/x86_64-linux-gnu/libcap-ng.so.0 
(0x7f09eed62000)
libffi.so.6 => /usr/lib/x86_64-linux-gnu/libffi.so.6 
(0x7f09eed58000)
linux-vdso.so.1 (0x7ffe9d86)
libgssapi_krb5.so.2 => /usr/lib/x86_64-linux-gnu/libgssapi_krb5.so.2 
(0x7fb55fe4e000)
libcrypt.so.1 => /lib/x86_64-linux-gnu/libcrypt.so.1 
(0x7fb55fe14000)
libldap_r-2.4.so.2 => /usr/lib/x86_64-linux-gnu/libldap_r-2.4.so.2 
(0x7fb55fdc)
libssl.so.1.1 => /usr/lib/x86_64-linux-gnu/libssl.so.1.1 
(0x7fb55fd2f000)
libcrypto.so.1.1 => /usr/lib/x86_64-linux-gnu/libcrypto.so.1.1 
(0x7fb55fa45000)
libtinfo.so.6 => /lib/x86_64-linux-gnu/libtinfo.so.6 
(0x7fb55fa17000)
liblber-2.4.so.2 => /usr/lib/x86_64-linux-gnu/liblber-2.4.so.2 
(0x7fb55fa04000)
libkrb5.so.3 => /usr/lib/x86_64-linux-gnu/libkrb5.so.3 
(0x7fb55f924000)
libpthread.so.0 => /lib/x86_64-linux-gnu/libpthread.so.0 
(0x7fb55f903000)
libc.so.6 => /lib/x86_64-linux-gnu/libc.so.6 (0x7fb55f742000)
libk5crypto.so.3 => /usr/lib/x86_64-linux-gnu/libk5crypto.so.3 
(0x7fb55f70e000)
libcom_err.so.2 => /lib/x86_64-linux-gnu/libcom_err.so.2 
(0x7fb55f708000)
libkrb5support.so.0 => /usr/lib/x86_64-linux-gnu/libkrb5support.so.0 
(0x7fb55f6f7000)
libdl.so.2 => /lib/x86_64-linux-gnu/libdl.so.2 (0x7fb55f6f2000)
libkeyutils.so.1 => /lib/x86_64-linux-gnu/libkeyutils.so.1 
(0x7fb55f6eb000)
libresolv.so.2 => /lib/x86_64-linux-gnu/libresolv.so.2 
(0x7fb55f6d1000)
libsasl2.so.2 => /usr/lib/x86_64-linux-gnu/libsasl2.so.2 
(0x7fb55f6b4000)
libgnutls.so.30 => /usr/lib/x86_64-linux-gnu/libgnutls.so.30 
(0x7fb55f508000)
/lib64/ld-linux-x86-64.so.2 (0x7fb5605dc000)
libp11-kit.so.0 => /usr/lib/x86_64-linux-gnu/libp11-kit.so.0 
(0x7fb55f3d7000)
libidn2.so.0 => /usr/lib/x86_64-linux-gnu/libidn2.so.0 
(0x7fb55f3b8000)
libunistring.so.2 => /usr/lib/x86_64-linux-gnu/libunistring.so.2 
(0x7fb55f234000)
libtasn1.so.6 => /usr/lib/x86_64-linux-gnu/libtasn1.so.6 
(0x7fb55f021000)

Bug#959481: alpine: does not connect with TLS to smtp/imap server

2020-05-09 Thread Eduardo Chappa 

On Sun, 3 May 2020, Unit 193 wrote:

Thank you for including logs!  The important line from the latter is as 
follows:


sslfailure: host=imap.otenet.gr reason=SSL negotiation failed

Unfortunately that's not a lot of detail, so it's useful to use testssl 
or `openssl s_client` to check what's going on here.


From that, I got

routines:ssl_choose_client_version:unsupported 
protocol:../ssl/statem/statem_lib.c:1929:


as well as testssl noting a few things that weren't favorable, such as a 
SHA1 cert, offering SSLv3 and TLSv1, etc. Alpine had a bunch of changes 
with regards to TLS in the last release, namely for me it added SNI 
support, and I wonder if it's now more strict.


I do not know what changes Debian makes to the compilation of Alpine, or 
to Openssl, and both are relevant here. The server at imap.otenet.gr 
supports as the highest protocol for encryption TLSv1. Today the minimum 
that most servers support is TLSv1_1, and so you find commonly that 
TLSv1_2 is also used. Rarely you find TLSv1_3, but that is the direction 
in which we are going.


On the other hand Alpine will support encryptions protocol as the library 
that was used to compile supports. That is the exculpatory part in Alpine. 
So you have to look at the encryption protocols in the underlying openssl 
library. If that library was compiled without support for TLSv1, then no 
application that needs support for TLSv1 will fail. again, this is because 
of the library, not the program.


Many linux distributors already distribute libraries that do not support 
SSLv3, even though the source code that they use to build those libraries 
supports such version of SSL.  This is a choice distributors make, not the 
person compiling Alpine. Maybe Debian builds their openssl only supporting 
TLSv1_1 and above. I do not know, but that is something to investigate.


Finally, there is a way to protect alpine users directly. Any Alpine user 
can disable encryption protocols that they do not wish to use. So, for 
example, if Debian distributed a version of openssl that supported SSLv3, 
a user that feels that this is insecure could disable completely the 
negotiation of said protocol, and make the connection fail (in the way 
that this connection is failing) after the TLSv1 negotiation fail. In 
other words, one could make the negotiation fail even when both Alpine 
(through openssl) and the server support SSLv3. This is configured in the 
variable


Encryption Protocol Range =

which is an interval of encryption protocols that Alpine will try. The 
default is "no_min,no_max", meaning that openssl should try to use any 
protocol that is compiled into openssl, starting with the highest and 
continuing down, until it finds one that works for the server and openssl. 
All Alpine does in this case is to tell openssl what not to try. This 
could also be a source of conflict, because the default value of this 
option can be modified at compilation time (e.g.: Debian can disable some 
protocols from the beginning, and I would advise Debian not to do that, 
but let the user choose). You can learn more about this variable by 
pressing M S C and once you find it, read its help text.


So, unless the person who built alpine played with the default for this 
variable, or the person reporting this bug also played with this variable, 
the answer here is that both openssl and the server were compiled with 
disjoint versions of encryption protocols, and none of them support the 
one the other supports. Hence Alpine fails to connect.


--
Eduardo

Bug#959481: alpine: does not connect with TLS to smtp/imap server

2020-05-03 Thread Unit 193 

Howdy,

On Sun, 3 May 2020, Βασίλειος A. Ζοῦκος wrote:


To be more precise:
On the same machine with the same  debian distribution, I retain two
executable versions for alpine:
   1. alpine ver. 2.20
   2. alpine ver. 2.22
Using the same alpine configuration (for ver 2.20, 2.22):
   1. I am able to connect via TLS to imap/smtp servers and perform all the
   e-mail tasks using alpine ver. 2.20
   2. I can't connect via TLS to the same imap/smtp servers using alpine 
2.22.

   Attached are parts of the pine-debug files produced by the command:
   alpine_2_XX -d 9  (XX=20,22)

   Many thanks,


Thank you for including logs!  The important line from the latter is as follows:

 sslfailure: host=imap.otenet.gr reason=SSL negotiation failed

Unfortunately that's not a lot of detail, so it's useful to use testssl or 
`openssl s_client` to check what's going on here.



From that, I got


 routines:ssl_choose_client_version:unsupported 
protocol:../ssl/statem/statem_lib.c:1929:

as well as  testssl noting a few things that weren't favorable, such as a SHA1 
cert, offering SSLv3 and TLSv1, etc.  Alpine had a bunch of changes with 
regards to TLS in the last release, namely for me it added SNI support, and I 
wonder if it's now more strict.


This sounds like something one might want to contact upstream about, I don't 
think I've noticed anything on the list regarding an issue like this, though I 
could have missed it.



~Unit 193
Unit193 @ freenode
Unit193 @ OFTC

Bug#959481: alpine: does not connect with TLS to smtp/imap server

2020-05-03 Thread Βασίλειος A . Ζοῦκος 

On Sat, 2 May 2020, Unit 193 wrote:


severity -1 normal
tags -1 + unreproducible
stop

Howdy,

When filing bugs, please at the very least take the time to fill out the the 
template additionally providing any details that may be used to assist with 
your problem.


I have been using this version of alpine for some time now (indeed, it fixes 
SNI issues) and have no problems connecting to TLS sources.  Perhaps take a 
minute to review your configuration and see if there's any oddities 
preventing you from connecting, and if at all possible provide any details 
that might further shed light on the problem.


~Unit 193
Unit193 @ freenode
Unit193 @ OFTC


To be more precise:
On the same machine with the same  debian distribution, I retain two
executable versions for alpine:
1. alpine ver. 2.20
2. alpine ver. 2.22
Using the same alpine configuration (for ver 2.20, 2.22):
1. I am able to connect via TLS to imap/smtp servers and perform all the
e-mail tasks using alpine ver. 2.20
2. I can't connect via TLS to the same imap/smtp servers using alpine 2.22.
Attached are parts of the pine-debug files produced by the command:
alpine_2_XX -d 9  (XX=20,22)

Many thanks,

19:40:26.561978
Debug output of the Alpine program (debug=9 debug_imap=4). Version 2.20 (DEB 67 
2015-01-07)
Thu Apr 30 19:40:26 2020


19:40:26.562098
Starting after the reading_pinerc calls, the data in this file should
be encoded as UTF-8. Before that it will be in the user's native charset.

19:40:26.562150
Debug file: /home/vzoukos/.pine-debug1 (level=9 imap=4)

19:40:26.562187
 
"/usr/bin/alpine_2_20" "-d" "9" (PID=1191)


19:40:26.562241
Setting home dir from $HOME: "/home/vzoukos"

19:40:26.571837

 -- init_pinerc --

>>+ Ommited section
<<- Ommited section

19:40:31.787358
start_after() created c0d37700: done

19:40:31.787475
pine_mail_open: opening 
"{imap.otenet.gr/IMAP/novalidate-cert/norsh/user=vzoukos}INBOX" (stream was 
NULL) openflags=0x500  SP_USERFLDR SP_USEPOOL (19:40:31.787475)

19:40:31.787587
sp_stream_get({imap.otenet.gr/IMAP/novalidate-cert/norsh/user=vzoukos}INBOX): 
SP_MATCH

19:40:31.787650
sp_stream_get: no match found

19:40:31.787709
sp_stream_get({imap.otenet.gr/IMAP/novalidate-cert/norsh/user=vzoukos}INBOX): 
SP_SAME SP_TEMPUSE

19:40:31.787770
sp_stream_get: no match found

19:40:31.787827
pine_mail_open: there is an empty slot to use

19:40:32.007878
IMAP 19:40:32 4/30 mm_log babble: Trying IP address [62.103.147.209]

19:40:32.061157
IMAP DEBUG 19:40:32.061157: * OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR 
LOGIN-REFERRALS ID ENABLE IDLE STARTTLS AUTH=PLAIN] OTENET ready

19:40:32.061298
imap_cmd({imap.otenet.gr/IMAP/novalidate-cert/norsh/user=vzoukos}INBOX, 
STARTTLS, 0x0)

19:40:32.061385
IMAP DEBUG 19:40:32.061385:  STARTTLS

19:40:32.082356
IMAP DEBUG 19:40:32.082356:  OK Begin TLS negotiation now.

19:40:32.149887
imap_cmd({imap.otenet.gr/IMAP/novalidate-cert/norsh/user=vzoukos}INBOX, 
CAPABILITY, 0x0)

19:40:32.150002
IMAP DEBUG 19:40:32.150002: 0001 CAPABILITY

19:40:32.170860
IMAP DEBUG 19:40:32.170860: * CAPABILITY IMAP4rev1 LITERAL+ SASL-IR 
LOGIN-REFERRALS ID ENABLE IDLE AUTH=PLAIN

19:40:32.170942
IMAP DEBUG 19:40:32.170942: 0001 OK Pre-login capabilities listed, 
post-login capabilities have more.

19:40:32.195544
IMAP DEBUG 19:40:32.195544: 0002 AUTHENTICATE PLAIN

19:40:32.218606
IMAP DEBUG 19:40:32.218606: + 

19:40:32.218719
mm_login_work trial=0 user=vzoukos service=imap

19:40:32.218790
mm_login: host=imap.otenet.gr

19:40:32.218850
imap_get_passwd: checking user=vzoukos alt=1 host=imap.otenet.gr

19:40:32.218911
imap_get_passwd: no match

19:40:32.218968
read_passfile

19:40:32.219027
Looking for passfile "/home/vzoukos/.pine-passfile"

19:40:32.219154
=== optionally_enter called ===

>>+ Ommited section
<<- Ommited section

19:40:03.172282
Debug output of the Alpine program (debug=9 debug_imap=4). Version 2.22 (DEB 
394 2020-01-19)
Thu Apr 30 19:40:03 2020


19:40:03.172405
Starting after the reading_pinerc calls, the data in this file should
be encoded as UTF-8. Before that it will be in the user's native charset.

19:40:03.172456
Debug file: /home/vzoukos/.pine-debug1 (level=9 imap=4)

19:40:03.172498
 
"/usr/bin/alpine" "-d" "9" (PID=1185)


19:40:03.172554
Setting home dir from $HOME: "/home/vzoukos"

19:40:03.181443

 -- init_pinerc --

>>+ Ommited section
<<- Ommited section

19:40:10.252281
start_after() created ba738700: done

19:40:10.252371
pine_mail_open: opening 
"{imap.otenet.gr/IMAP/novalidate-cert/norsh/user=vzoukos}INBOX" (stream was 
NULL) openflags=0x500  SP_USERFLDR SP_USEPOOL (19:40:10.252371)

19:40:10.252459
sp_stream_get({imap.otenet.gr/IMAP/novalidate-cert/norsh/user=vzoukos}INBOX): 
SP_MATCH

19:40:10.252522
sp_stream_get: no match found

19:40:10.252581
sp_stream_get({imap.otenet.gr/IMAP/novalidate-cert/norsh/user=vzoukos}INBOX): 
SP_SAME SP_TEMPUSE

19:40:10.252642
sp_stream_get: no match

Bug#959481: alpine: does not connect with TLS to smtp/imap server

2020-05-02 Thread Unit 193 

severity -1 normal
tags -1 + unreproducible
stop

Howdy,

When filing bugs, please at the very least take the time to fill out the the 
template additionally providing any details that may be used to assist with your 
problem.


I have been using this version of alpine for some time now (indeed, it fixes SNI 
issues) and have no problems connecting to TLS sources.  Perhaps take a minute 
to review your configuration and see if there's any oddities preventing you from 
connecting, and if at all possible provide any details that might further shed 
light on the problem.


~Unit 193
Unit193 @ freenode
Unit193 @ OFTC

Bug#959481: alpine: does not connect with TLS to smtp/imap server

2020-05-02 Thread Βασίλειος A . Ζοῦκος 



Package: alpine
Version: 2.22+dfsg1-1~bpo10+1
Severity: important

Dear Maintainer,

*** Reporter, please consider answering these questions, where appropriate ***

   * What led up to the situation?
   * What exactly did you do (or not do) that was effective (or
 ineffective)?
   * What was the outcome of this action?
   * What outcome did you expect instead?
  I expected to work properly as version 2.20 does
*** End of the template - remove these template lines ***


-- System Information:
Debian Release: 10.1
  APT prefers stable-updates
  APT policy: (500, 'stable-updates'), (500, 'stable')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 4.9.0-9-amd64 (SMP w/2 CPU cores)
Locale: LANG=el_GR.UTF-8, LC_CTYPE=el_GR.UTF-8 (charmap=UTF-8), 
LANGUAGE=el_GR.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages alpine depends on:
ii  libc6 2.28-10
ii  libgssapi-krb5-2  1.17-3
ii  libkrb5-3 1.17-3
ii  libldap-2.4-2 2.4.47+dfsg-3+deb10u1
ii  libssl1.1 1.1.1c-1
ii  libtinfo6 6.1+20181013-2+deb10u1
ii  mlock 8:2007f~dfsg-6

Versions of packages alpine recommends:
ii  alpine-doc  2.21+dfsg1-1.1
ii  sensible-utils  0.0.12

Versions of packages alpine suggests:
ii  aspell 0.60.7~20110707-6
ii  exim4-daemon-light [mail-transport-agent]  4.92-8+deb10u3

-- no debconf information