[Touch-packages] [Bug 1316017] Re: openssh client ignores -o Tunnel=ethernet option, creating an IP tunnel device instead of an ethernet tap device
As I just noted on the upstream bug (https://bugzilla.mindrot.org/show_bug.cgi?id=2365), the -o Tunnel=ethernet option needs to be before the -w option. Then, the tap device should be created as expected. ** Bug watch added: OpenSSH Portable Bugzilla #2365 https://bugzilla.mindrot.org/show_bug.cgi?id=2365 -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to openssh in Ubuntu. https://bugs.launchpad.net/bugs/1316017 Title: openssh client ignores -o Tunnel=ethernet option, creating an IP tunnel device instead of an ethernet tap device Status in openssh package in Ubuntu: Confirmed Bug description: This is a regression from the version of the client in 14.04 compared to 13.10. I'm connecting to 12.04.4 for a server. Expected behaviour: Creating a connection with the option -o Tunnel=ethernet will create a layer2 ethernet tap device. Actual behaviour: New client creates a layer3 IP tunnel. The old version of the client that works properly (installed manually on 14.04): OpenSSH_6.2p2 Ubuntu-6ubuntu0.3, OpenSSL 1.0.1f 6 Jan 2014 The new version of the client that does not work properly: OpenSSH_6.6p1 Ubuntu-2ubuntu1, OpenSSL 1.0.1f 6 Jan 2014 The version of the SSH server I'm connecting to: openssh-server: Installed: 1:5.9p1-5ubuntu1.3 Candidate: 1:5.9p1-5ubuntu1.3 Version table: *** 1:5.9p1-5ubuntu1.3 0 500 http://us.archive.ubuntu.com/ubuntu/ precise-updates/main amd64 Packages 500 http://security.ubuntu.com/ubuntu/ precise-security/main amd64 Packages 100 /var/lib/dpkg/status 1:5.9p1-5ubuntu1 0 500 http://us.archive.ubuntu.com/ubuntu/ precise/main amd64 Packages # Terminal output with the old version: ssh -p 38613 username@IP -w any -o Tunnel=ethernet -vvv OpenSSH_6.2p2 Ubuntu-6ubuntu0.3, OpenSSL 1.0.1f 6 Jan 2014 debug1: Reading configuration data /etc/ssh/ssh_config debug1: /etc/ssh/ssh_config line 19: Applying options for * debug1: auto-mux: Trying existing master debug1: Control socket path hidden does not exist debug2: ssh_connect: needpriv 0 debug1: Connecting to IP [IP] port 38613. debug1: Connection established. debug1: permanently_set_uid: 0/0 debug3: Incorrect RSA1 identifier debug3: Could not load /root/.ssh/id_rsa as a RSA1 public key debug1: identity file /root/.ssh/id_rsa type 1 debug1: Checking blacklist file /usr/share/ssh/blacklist.RSA-16384 debug1: Checking blacklist file /etc/ssh/blacklist.RSA-16384 debug1: identity file /root/.ssh/id_rsa-cert type -1 debug1: identity file /root/.ssh/id_dsa type -1 debug1: identity file /root/.ssh/id_dsa-cert type -1 debug3: Incorrect RSA1 identifier debug3: Could not load /root/.ssh/id_ecdsa as a RSA1 public key debug1: identity file /root/.ssh/id_ecdsa type 3 debug1: Checking blacklist file /usr/share/ssh/blacklist.ECDSA-521 debug1: Checking blacklist file /etc/ssh/blacklist.ECDSA-521 debug1: identity file /root/.ssh/id_ecdsa-cert type -1 debug1: Enabling compatibility mode for protocol 2.0 debug1: Local version string SSH-2.0-OpenSSH_6.2p2 Ubuntu-6ubuntu0.3 debug1: Remote protocol version 2.0, remote software version OpenSSH_5.9p1 Debian-5ubuntu1.3 debug1: match: OpenSSH_5.9p1 Debian-5ubuntu1.3 pat OpenSSH_5* debug2: fd 3 setting O_NONBLOCK debug3: put_host_port: [IP]:38613 debug3: load_hostkeys: loading entries for host [IP]:38613 from file /root/.ssh/known_hosts debug3: load_hostkeys: found key type ECDSA in file /root/.ssh/known_hosts:24 debug3: load_hostkeys: loaded 1 keys debug3: order_hostkeyalgs: prefer hostkeyalgs: ecdsa-sha2-nistp256-cert-...@openssh.com,ecdsa-sha2-nistp384-cert-...@openssh.com,ecdsa-sha2-nistp521-cert-...@openssh.com,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521 debug1: SSH2_MSG_KEXINIT sent debug1: SSH2_MSG_KEXINIT received debug2: kex_parse_kexinit: ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1 debug2: kex_parse_kexinit: ecdsa-sha2-nistp256-cert-...@openssh.com,ecdsa-sha2-nistp384-cert-...@openssh.com,ecdsa-sha2-nistp521-cert-...@openssh.com,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,ssh-rsa-cert-...@openssh.com,ssh-dss-cert-...@openssh.com,ssh-rsa-cert-...@openssh.com,ssh-dss-cert-...@openssh.com,ssh-rsa,ssh-dss debug2: kex_parse_kexinit: aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,aes128-...@openssh.com,aes256-...@openssh.com,aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,rijndael-...@lysator.liu.se debug2: kex_parse_kexinit:
[Touch-packages] [Bug 1316017] Re: openssh client ignores -o Tunnel=ethernet option, creating an IP tunnel device instead of an ethernet tap device
** Also affects: openssh via https://bugzilla.mindrot.org/show_bug.cgi?id=2365 Importance: Unknown Status: Unknown ** Description changed: This is a regression from the version of the client in 14.04 compared to 13.10. I'm connecting to 12.04.4 for a server. Expected behaviour: Creating a connection with the option -o Tunnel=ethernet will create a layer2 ethernet tap device. Actual behaviour: New client creates a layer3 IP tunnel. + Workaround: + The -o Tunnel=ethernet option needs to be before the -w option. Then, the tap device should be created as expected. With thanks to Chiang Fong Lee. + + The old version of the client that works properly (installed manually on 14.04): OpenSSH_6.2p2 Ubuntu-6ubuntu0.3, OpenSSL 1.0.1f 6 Jan 2014 The new version of the client that does not work properly: OpenSSH_6.6p1 Ubuntu-2ubuntu1, OpenSSL 1.0.1f 6 Jan 2014 The version of the SSH server I'm connecting to: openssh-server: - Installed: 1:5.9p1-5ubuntu1.3 - Candidate: 1:5.9p1-5ubuntu1.3 - Version table: - *** 1:5.9p1-5ubuntu1.3 0 - 500 http://us.archive.ubuntu.com/ubuntu/ precise-updates/main amd64 Packages - 500 http://security.ubuntu.com/ubuntu/ precise-security/main amd64 Packages - 100 /var/lib/dpkg/status - 1:5.9p1-5ubuntu1 0 - 500 http://us.archive.ubuntu.com/ubuntu/ precise/main amd64 Packages - + Installed: 1:5.9p1-5ubuntu1.3 + Candidate: 1:5.9p1-5ubuntu1.3 + Version table: + *** 1:5.9p1-5ubuntu1.3 0 + 500 http://us.archive.ubuntu.com/ubuntu/ precise-updates/main amd64 Packages + 500 http://security.ubuntu.com/ubuntu/ precise-security/main amd64 Packages + 100 /var/lib/dpkg/status + 1:5.9p1-5ubuntu1 0 + 500 http://us.archive.ubuntu.com/ubuntu/ precise/main amd64 Packages # Terminal output with the old version: ssh -p 38613 username@IP -w any -o Tunnel=ethernet -vvv OpenSSH_6.2p2 Ubuntu-6ubuntu0.3, OpenSSL 1.0.1f 6 Jan 2014 debug1: Reading configuration data /etc/ssh/ssh_config debug1: /etc/ssh/ssh_config line 19: Applying options for * debug1: auto-mux: Trying existing master debug1: Control socket path hidden does not exist debug2: ssh_connect: needpriv 0 debug1: Connecting to IP [IP] port 38613. debug1: Connection established. debug1: permanently_set_uid: 0/0 debug3: Incorrect RSA1 identifier debug3: Could not load /root/.ssh/id_rsa as a RSA1 public key debug1: identity file /root/.ssh/id_rsa type 1 debug1: Checking blacklist file /usr/share/ssh/blacklist.RSA-16384 debug1: Checking blacklist file /etc/ssh/blacklist.RSA-16384 debug1: identity file /root/.ssh/id_rsa-cert type -1 debug1: identity file /root/.ssh/id_dsa type -1 debug1: identity file /root/.ssh/id_dsa-cert type -1 debug3: Incorrect RSA1 identifier debug3: Could not load /root/.ssh/id_ecdsa as a RSA1 public key debug1: identity file /root/.ssh/id_ecdsa type 3 debug1: Checking blacklist file /usr/share/ssh/blacklist.ECDSA-521 debug1: Checking blacklist file /etc/ssh/blacklist.ECDSA-521 debug1: identity file /root/.ssh/id_ecdsa-cert type -1 debug1: Enabling compatibility mode for protocol 2.0 debug1: Local version string SSH-2.0-OpenSSH_6.2p2 Ubuntu-6ubuntu0.3 debug1: Remote protocol version 2.0, remote software version OpenSSH_5.9p1 Debian-5ubuntu1.3 debug1: match: OpenSSH_5.9p1 Debian-5ubuntu1.3 pat OpenSSH_5* debug2: fd 3 setting O_NONBLOCK debug3: put_host_port: [IP]:38613 debug3: load_hostkeys: loading entries for host [IP]:38613 from file /root/.ssh/known_hosts debug3: load_hostkeys: found key type ECDSA in file /root/.ssh/known_hosts:24 debug3: load_hostkeys: loaded 1 keys debug3: order_hostkeyalgs: prefer hostkeyalgs: ecdsa-sha2-nistp256-cert-...@openssh.com,ecdsa-sha2-nistp384-cert-...@openssh.com,ecdsa-sha2-nistp521-cert-...@openssh.com,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521 debug1: SSH2_MSG_KEXINIT sent debug1: SSH2_MSG_KEXINIT received debug2: kex_parse_kexinit: ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1 debug2: kex_parse_kexinit: ecdsa-sha2-nistp256-cert-...@openssh.com,ecdsa-sha2-nistp384-cert-...@openssh.com,ecdsa-sha2-nistp521-cert-...@openssh.com,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,ssh-rsa-cert-...@openssh.com,ssh-dss-cert-...@openssh.com,ssh-rsa-cert-...@openssh.com,ssh-dss-cert-...@openssh.com,ssh-rsa,ssh-dss debug2: kex_parse_kexinit: aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,aes128-...@openssh.com,aes256-...@openssh.com,aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,rijndael-...@lysator.liu.se debug2: kex_parse_kexinit:
[Touch-packages] [Bug 1316017] Re: openssh client ignores -o Tunnel=ethernet option, creating an IP tunnel device instead of an ethernet tap device
Status changed to 'Confirmed' because the bug affects multiple users. ** Changed in: openssh (Ubuntu) Status: New = Confirmed -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to openssh in Ubuntu. https://bugs.launchpad.net/bugs/1316017 Title: openssh client ignores -o Tunnel=ethernet option, creating an IP tunnel device instead of an ethernet tap device Status in openssh package in Ubuntu: Confirmed Bug description: This is a regression from the version of the client in 14.04 compared to 13.10. I'm connecting to 12.04.4 for a server. Expected behaviour: Creating a connection with the option -o Tunnel=ethernet will create a layer2 ethernet tap device. Actual behaviour: New client creates a layer3 IP tunnel. The old version of the client that works properly (installed manually on 14.04): OpenSSH_6.2p2 Ubuntu-6ubuntu0.3, OpenSSL 1.0.1f 6 Jan 2014 The new version of the client that does not work properly: OpenSSH_6.6p1 Ubuntu-2ubuntu1, OpenSSL 1.0.1f 6 Jan 2014 The version of the SSH server I'm connecting to: openssh-server: Installed: 1:5.9p1-5ubuntu1.3 Candidate: 1:5.9p1-5ubuntu1.3 Version table: *** 1:5.9p1-5ubuntu1.3 0 500 http://us.archive.ubuntu.com/ubuntu/ precise-updates/main amd64 Packages 500 http://security.ubuntu.com/ubuntu/ precise-security/main amd64 Packages 100 /var/lib/dpkg/status 1:5.9p1-5ubuntu1 0 500 http://us.archive.ubuntu.com/ubuntu/ precise/main amd64 Packages # Terminal output with the old version: ssh -p 38613 username@IP -w any -o Tunnel=ethernet -vvv OpenSSH_6.2p2 Ubuntu-6ubuntu0.3, OpenSSL 1.0.1f 6 Jan 2014 debug1: Reading configuration data /etc/ssh/ssh_config debug1: /etc/ssh/ssh_config line 19: Applying options for * debug1: auto-mux: Trying existing master debug1: Control socket path hidden does not exist debug2: ssh_connect: needpriv 0 debug1: Connecting to IP [IP] port 38613. debug1: Connection established. debug1: permanently_set_uid: 0/0 debug3: Incorrect RSA1 identifier debug3: Could not load /root/.ssh/id_rsa as a RSA1 public key debug1: identity file /root/.ssh/id_rsa type 1 debug1: Checking blacklist file /usr/share/ssh/blacklist.RSA-16384 debug1: Checking blacklist file /etc/ssh/blacklist.RSA-16384 debug1: identity file /root/.ssh/id_rsa-cert type -1 debug1: identity file /root/.ssh/id_dsa type -1 debug1: identity file /root/.ssh/id_dsa-cert type -1 debug3: Incorrect RSA1 identifier debug3: Could not load /root/.ssh/id_ecdsa as a RSA1 public key debug1: identity file /root/.ssh/id_ecdsa type 3 debug1: Checking blacklist file /usr/share/ssh/blacklist.ECDSA-521 debug1: Checking blacklist file /etc/ssh/blacklist.ECDSA-521 debug1: identity file /root/.ssh/id_ecdsa-cert type -1 debug1: Enabling compatibility mode for protocol 2.0 debug1: Local version string SSH-2.0-OpenSSH_6.2p2 Ubuntu-6ubuntu0.3 debug1: Remote protocol version 2.0, remote software version OpenSSH_5.9p1 Debian-5ubuntu1.3 debug1: match: OpenSSH_5.9p1 Debian-5ubuntu1.3 pat OpenSSH_5* debug2: fd 3 setting O_NONBLOCK debug3: put_host_port: [IP]:38613 debug3: load_hostkeys: loading entries for host [IP]:38613 from file /root/.ssh/known_hosts debug3: load_hostkeys: found key type ECDSA in file /root/.ssh/known_hosts:24 debug3: load_hostkeys: loaded 1 keys debug3: order_hostkeyalgs: prefer hostkeyalgs: ecdsa-sha2-nistp256-cert-...@openssh.com,ecdsa-sha2-nistp384-cert-...@openssh.com,ecdsa-sha2-nistp521-cert-...@openssh.com,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521 debug1: SSH2_MSG_KEXINIT sent debug1: SSH2_MSG_KEXINIT received debug2: kex_parse_kexinit: ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1 debug2: kex_parse_kexinit: ecdsa-sha2-nistp256-cert-...@openssh.com,ecdsa-sha2-nistp384-cert-...@openssh.com,ecdsa-sha2-nistp521-cert-...@openssh.com,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,ssh-rsa-cert-...@openssh.com,ssh-dss-cert-...@openssh.com,ssh-rsa-cert-...@openssh.com,ssh-dss-cert-...@openssh.com,ssh-rsa,ssh-dss debug2: kex_parse_kexinit: aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,aes128-...@openssh.com,aes256-...@openssh.com,aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,rijndael-...@lysator.liu.se debug2: kex_parse_kexinit: aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,aes128-...@openssh.com,aes256-...@openssh.com,aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,rijndael-...@lysator.liu.se debug2: kex_parse_kexinit:
[Touch-packages] [Bug 1316017] Re: openssh client ignores -o Tunnel=ethernet option, creating an IP tunnel device instead of an ethernet tap device
this should be upstream -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to openssh in Ubuntu. https://bugs.launchpad.net/bugs/1316017 Title: openssh client ignores -o Tunnel=ethernet option, creating an IP tunnel device instead of an ethernet tap device Status in openssh package in Ubuntu: Confirmed Bug description: This is a regression from the version of the client in 14.04 compared to 13.10. I'm connecting to 12.04.4 for a server. Expected behaviour: Creating a connection with the option -o Tunnel=ethernet will create a layer2 ethernet tap device. Actual behaviour: New client creates a layer3 IP tunnel. The old version of the client that works properly (installed manually on 14.04): OpenSSH_6.2p2 Ubuntu-6ubuntu0.3, OpenSSL 1.0.1f 6 Jan 2014 The new version of the client that does not work properly: OpenSSH_6.6p1 Ubuntu-2ubuntu1, OpenSSL 1.0.1f 6 Jan 2014 The version of the SSH server I'm connecting to: openssh-server: Installed: 1:5.9p1-5ubuntu1.3 Candidate: 1:5.9p1-5ubuntu1.3 Version table: *** 1:5.9p1-5ubuntu1.3 0 500 http://us.archive.ubuntu.com/ubuntu/ precise-updates/main amd64 Packages 500 http://security.ubuntu.com/ubuntu/ precise-security/main amd64 Packages 100 /var/lib/dpkg/status 1:5.9p1-5ubuntu1 0 500 http://us.archive.ubuntu.com/ubuntu/ precise/main amd64 Packages # Terminal output with the old version: ssh -p 38613 username@IP -w any -o Tunnel=ethernet -vvv OpenSSH_6.2p2 Ubuntu-6ubuntu0.3, OpenSSL 1.0.1f 6 Jan 2014 debug1: Reading configuration data /etc/ssh/ssh_config debug1: /etc/ssh/ssh_config line 19: Applying options for * debug1: auto-mux: Trying existing master debug1: Control socket path hidden does not exist debug2: ssh_connect: needpriv 0 debug1: Connecting to IP [IP] port 38613. debug1: Connection established. debug1: permanently_set_uid: 0/0 debug3: Incorrect RSA1 identifier debug3: Could not load /root/.ssh/id_rsa as a RSA1 public key debug1: identity file /root/.ssh/id_rsa type 1 debug1: Checking blacklist file /usr/share/ssh/blacklist.RSA-16384 debug1: Checking blacklist file /etc/ssh/blacklist.RSA-16384 debug1: identity file /root/.ssh/id_rsa-cert type -1 debug1: identity file /root/.ssh/id_dsa type -1 debug1: identity file /root/.ssh/id_dsa-cert type -1 debug3: Incorrect RSA1 identifier debug3: Could not load /root/.ssh/id_ecdsa as a RSA1 public key debug1: identity file /root/.ssh/id_ecdsa type 3 debug1: Checking blacklist file /usr/share/ssh/blacklist.ECDSA-521 debug1: Checking blacklist file /etc/ssh/blacklist.ECDSA-521 debug1: identity file /root/.ssh/id_ecdsa-cert type -1 debug1: Enabling compatibility mode for protocol 2.0 debug1: Local version string SSH-2.0-OpenSSH_6.2p2 Ubuntu-6ubuntu0.3 debug1: Remote protocol version 2.0, remote software version OpenSSH_5.9p1 Debian-5ubuntu1.3 debug1: match: OpenSSH_5.9p1 Debian-5ubuntu1.3 pat OpenSSH_5* debug2: fd 3 setting O_NONBLOCK debug3: put_host_port: [IP]:38613 debug3: load_hostkeys: loading entries for host [IP]:38613 from file /root/.ssh/known_hosts debug3: load_hostkeys: found key type ECDSA in file /root/.ssh/known_hosts:24 debug3: load_hostkeys: loaded 1 keys debug3: order_hostkeyalgs: prefer hostkeyalgs: ecdsa-sha2-nistp256-cert-...@openssh.com,ecdsa-sha2-nistp384-cert-...@openssh.com,ecdsa-sha2-nistp521-cert-...@openssh.com,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521 debug1: SSH2_MSG_KEXINIT sent debug1: SSH2_MSG_KEXINIT received debug2: kex_parse_kexinit: ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1 debug2: kex_parse_kexinit: ecdsa-sha2-nistp256-cert-...@openssh.com,ecdsa-sha2-nistp384-cert-...@openssh.com,ecdsa-sha2-nistp521-cert-...@openssh.com,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,ssh-rsa-cert-...@openssh.com,ssh-dss-cert-...@openssh.com,ssh-rsa-cert-...@openssh.com,ssh-dss-cert-...@openssh.com,ssh-rsa,ssh-dss debug2: kex_parse_kexinit: aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,aes128-...@openssh.com,aes256-...@openssh.com,aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,rijndael-...@lysator.liu.se debug2: kex_parse_kexinit: aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,aes128-...@openssh.com,aes256-...@openssh.com,aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,rijndael-...@lysator.liu.se debug2: kex_parse_kexinit: