[Touch-packages] [Bug 1528251] Re: WARNING: no suitable primes in /etc/ssh/primes

2016-08-09 Thread Launchpad Bug Tracker
This bug was fixed in the package openssh - 1:7.3p1-1

---
openssh (1:7.3p1-1) unstable; urgency=medium

  * New upstream release (http://www.openssh.com/txt/release-7.3):
    - SECURITY: sshd(8): Mitigate a potential denial-of-service attack
      against the system's crypt(3) function via sshd(8).  An attacker could
      send very long passwords that would cause excessive CPU use in
      crypt(3).  sshd(8) now refuses to accept password authentication
      requests of length greater than 1024 characters.
    - SECURITY: ssh(1), sshd(8): Fix observable timing weakness in the CBC
      padding oracle countermeasures.  Note that CBC ciphers are disabled by
      default and only included for legacy compatibility.
    - SECURITY: ssh(1), sshd(8): Improve operation ordering of MAC
      verification for Encrypt-then-MAC (EtM) mode transport MAC algorithms
      to verify the MAC before decrypting any ciphertext.  This removes the
      possibility of timing differences leaking facts about the plaintext,
      though no such leakage has been observed.
    - ssh(1): Add a ProxyJump option and corresponding -J command-line flag
      to allow simplified indirection through one or more SSH bastions or
      "jump hosts".
    - ssh(1): Add an IdentityAgent option to allow specifying specific agent
      sockets instead of accepting one from the environment.
    - ssh(1): Allow ExitOnForwardFailure and ClearAllForwardings to be
      optionally overridden when using ssh -W.
    - ssh(1), sshd(8): Implement support for the IUTF8 terminal mode as per
      draft-sgtatham-secsh-iutf8-00 (closes: #337041, LP: #394570).
    - ssh(1), sshd(8): Add support for additional fixed Diffie-Hellman 2K,
      4K and 8K groups from draft-ietf-curdle-ssh-kex-sha2-03.
    - ssh-keygen(1), ssh(1), sshd(8): Support SHA256 and SHA512 RSA
      signatures in certificates.
    - ssh(1): Add an Include directive for ssh_config(5) files (closes:
      #536031).
    - ssh(1): Permit UTF-8 characters in pre-authentication banners sent
      from the server.
    - ssh(1), sshd(8): Reduce the syslog level of some relatively common
      protocol events from LOG_CRIT.
    - sshd(8): Refuse AuthenticationMethods="" in configurations and accept
      AuthenticationMethods=any for the default behaviour of not requiring
      multiple authentication.
    - sshd(8): Remove obsolete and misleading "POSSIBLE BREAK-IN ATTEMPT!"
      message when forward and reverse DNS don't match.
    - ssh(1): Deduplicate LocalForward and RemoteForward entries to fix
      failures when both ExitOnForwardFailure and hostname canonicalisation
      are enabled.
    - sshd(8): Remove fallback from moduli to obsolete "primes" file that
      was deprecated in 2001 (LP: #1528251).
    - sshd_config(5): Correct description of UseDNS: it affects ssh hostname
      processing for authorized_keys, not known_hosts.
    - sshd(8): Send ClientAliveInterval pings when a time-based RekeyLimit
      is set; previously keepalive packets were not being sent.
    - sshd(8): Whitelist more architectures to enable the seccomp-bpf
      sandbox.
    - scp(1): Respect the local user's LC_CTYPE locale (closes: #396295).
    - Take character display widths into account for the progressmeter
      (closes: #407088).

 -- Colin Watson   Sun, 07 Aug 2016 22:45:26 +0100

** Changed in: openssh (Ubuntu)
   Status: Fix Committed => Fix Released

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to openssh in Ubuntu.
https://bugs.launchpad.net/bugs/1528251

Title:
  WARNING: no suitable primes in /etc/ssh/primes

Status in portable OpenSSH:
  Unknown
Status in openssh package in Ubuntu:
  Fix Released

Bug description:
  
  For instance when the KexAlgorithms option in sshd_config is set to
  include Diffie Hellman group exchange (e.g.
  diffie-hellman-group-exchange-sha256), and the /etc/ssh/moduli file is
  regenerated to include only 4096 bit primes, the ssh server may log the
  above warning message to /var/log/auth.log, probably because the ssh
  client trying to log in does not allow for the use of 4096 bit primes
  during the key exchange. The alleged problem is the reference to
  /etc/ssh/primes instead of /etc/ssh/moduli. It would appear that the
  file /etc/ssh/primes is neither used by ssh server, nor documented.

  I note that this error appears to have been reported in several places
  on the web in the past years, but to no avail (e.g.
  http://misc.openbsd.narkive.com/tZPNEoZk/no-suitable-primes)

  
  Release: Ubuntu 14.04.3 LTS
  Package: openssh-server, Version: 1:6.6p1-2ubuntu2.3

To manage notifications about this bug go to:
https://bugs.launchpad.net/openssh/+bug/1528251/+subscriptions

-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : 

[Touch-packages] [Bug 1528251] Re: WARNING: no suitable primes in /etc/ssh/primes

2016-06-20 Thread bugproxy
** Tags added: architecture-s39064 bugnameltc-137850 severity-high
targetmilestone-inin1610



[Touch-packages] [Bug 1528251] Re: WARNING: no suitable primes in /etc/ssh/primes

2016-04-01 Thread Dimitri John Ledkov
** Tags removed: architecture-s39064 bugnameltc-137850 error logging
severity-high targetmilestone-inin1604



[Touch-packages] [Bug 1528251] Re: WARNING: no suitable primes in /etc/ssh/primes

2016-03-31 Thread Colin Watson
I won't forget to do it with the 7.3 upload, and would rather have the
bug open until it's actually fixed.

** Changed in: openssh (Ubuntu)
   Status: Fix Released => Fix Committed



[Touch-packages] [Bug 1528251] Re: WARNING: no suitable primes in /etc/ssh/primes

2016-03-31 Thread Alexander
Thanks for your attention!



[Touch-packages] [Bug 1528251] Re: WARNING: no suitable primes in /etc/ssh/primes

2016-03-31 Thread Dimitri John Ledkov
This has been fixed in upstream openssh, and will be part of like 7.3
release or some such. When that gets released, makes it to debian and
makes it to ubuntu, this bug will be resolved. This is a minor issue and
not worth cherrypicking for. I'll just mark ubuntu task as fix released,
cause we will forget to do so with 7.3 upload.

http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/usr.bin/ssh/dh.c?rev=1.59
=text/x-cvsweb-markup

** Changed in: openssh (Ubuntu)
   Status: Triaged => Fix Released



[Touch-packages] [Bug 1528251] Re: WARNING: no suitable primes in /etc/ssh/primes

2016-03-30 Thread Colin Watson
Sorry, I mean OpenSSH in general of course, not just the client.

And yes, the other end ought to be able to cope with stronger primes.
But that's not what this bug is about: it specifically says "The alleged
problem is the reference to /etc/ssh/primes instead of /etc/ssh/moduli".



[Touch-packages] [Bug 1528251] Re: WARNING: no suitable primes in /etc/ssh/primes

2016-03-30 Thread Colin Watson
Sigh.  No.  It's a perfectly obvious bug in the OpenSSH client, it's
just mostly cosmetic (i.e. it's checking two files but then only warning
about one).  Please read the original bug description carefully before
closing this or arguing further about whether it's valid.

** Changed in: openssh (Ubuntu)
   Importance: Undecided => Low

** Changed in: openssh (Ubuntu)
   Status: Invalid => Triaged



[Touch-packages] [Bug 1528251] Re: WARNING: no suitable primes in /etc/ssh/primes

2016-03-30 Thread Dimitri John Ledkov
Surely the bug is in Client: Prompt 2 v2.5.2 (Build 23057) on IOS 9.2.1
(see https://panic.com/prompt/), and you should report to them that it
should use stronger keys to authenticate, no? We do not provide support
for third party ssh clients. And we will not weaken our server to
support weak clients.

Also wily 15.10 on amd64, is out of scope for s390x support on xenial.

Please let me know, if you can reproduce this at all with Ubuntu clients
and Ubuntu server on s390x.

** Changed in: openssh (Ubuntu)
   Status: Incomplete => Invalid



[Touch-packages] [Bug 1528251] Re: WARNING: no suitable primes in /etc/ssh/primes

2016-03-23 Thread Alexander
Perhaps the following is helpful in tracing the problem. It is an
excerpt from /var/log/auth.log covering the ssh login from the iPad on
the server (srv01) in the situation described earlier, logged at
LogLevel DEBUG3:

Mar 23 08:33:14 srv01 sshd[1782]: Connection from ***.***.***.66 port 59484 on ***.***.***.34 port ***22
Mar 23 08:33:14 srv01 sshd[1782]: debug1: Client protocol version 2.0; client software version OpenSSH_5.4
Mar 23 08:33:14 srv01 sshd[1782]: debug1: match: OpenSSH_5.4 pat OpenSSH_5* compat 0x0c00
Mar 23 08:33:14 srv01 sshd[1782]: debug1: Enabling compatibility mode for protocol 2.0
Mar 23 08:33:14 srv01 sshd[1782]: debug1: Local version string SSH-2.0-OpenSSH_6.9p1 Ubuntu-2ubuntu0.1
Mar 23 08:33:14 srv01 sshd[1782]: debug2: fd 3 setting O_NONBLOCK
Mar 23 08:33:14 srv01 sshd[1782]: debug2: Network child is on pid 1783
Mar 23 08:33:14 srv01 sshd[1782]: debug3: preauth child monitor started
Mar 23 08:33:14 srv01 sshd[1782]: debug3: privsep user:group 104:65534 [preauth]
Mar 23 08:33:14 srv01 sshd[1782]: debug1: permanently_set_uid: 104/65534 [preauth]
Mar 23 08:33:14 srv01 sshd[1782]: debug1: list_hostkey_types: ssh-ed25519,ssh-rsa [preauth]
Mar 23 08:33:14 srv01 sshd[1782]: debug1: SSH2_MSG_KEXINIT sent [preauth]
Mar 23 08:33:14 srv01 sshd[1782]: debug1: SSH2_MSG_KEXINIT received [preauth]
Mar 23 08:33:14 srv01 sshd[1782]: debug2: kex_parse_kexinit: curve25519-sha...@libssh.org,diffie-hellman-group-exchange-sha256 [preauth]
Mar 23 08:33:14 srv01 sshd[1782]: debug2: kex_parse_kexinit: ssh-ed25519,ssh-rsa [preauth]
Mar 23 08:33:14 srv01 sshd[1782]: debug2: kex_parse_kexinit: chacha20-poly1...@openssh.com,aes256-...@openssh.com,aes256-ctr,aes192-ctr [preauth]
Mar 23 08:33:14 srv01 sshd[1782]: debug2: kex_parse_kexinit: chacha20-poly1...@openssh.com,aes256-...@openssh.com,aes256-ctr,aes192-ctr [preauth]
Mar 23 08:33:14 srv01 sshd[1782]: debug2: kex_parse_kexinit: hmac-sha2-512-...@openssh.com,hmac-sha2-256-...@openssh.com,hmac-ripemd160-...@openssh.com,umac-128-...@openssh.com,hmac-sha2-512,hmac-sha2-256,hmac-ripemd160 [preauth]
Mar 23 08:33:14 srv01 sshd[1782]: debug2: kex_parse_kexinit: hmac-sha2-512-...@openssh.com,hmac-sha2-256-...@openssh.com,hmac-ripemd160-...@openssh.com,umac-128-...@openssh.com,hmac-sha2-512,hmac-sha2-256,hmac-ripemd160 [preauth]
Mar 23 08:33:14 srv01 sshd[1782]: debug2: kex_parse_kexinit: none,z...@openssh.com [preauth]
Mar 23 08:33:14 srv01 sshd[1782]: debug2: kex_parse_kexinit: none,z...@openssh.com [preauth]
Mar 23 08:33:14 srv01 sshd[1782]: debug2: kex_parse_kexinit:  [preauth]
Mar 23 08:33:14 srv01 sshd[1782]: debug2: kex_parse_kexinit:  [preauth]
Mar 23 08:33:14 srv01 sshd[1782]: debug2: kex_parse_kexinit: first_kex_follows 0  [preauth]
Mar 23 08:33:14 srv01 sshd[1782]: debug2: kex_parse_kexinit: reserved 0  [preauth]
Mar 23 08:33:14 srv01 sshd[1782]: debug2: kex_parse_kexinit: ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1 [preauth]
Mar 23 08:33:14 srv01 sshd[1782]: debug2: kex_parse_kexinit: ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,ssh-rsa,ssh-dss [preauth]
Mar 23 08:33:14 srv01 sshd[1782]: debug2: kex_parse_kexinit: aes128-ctr,aes192-ctr,aes256-ctr,aes256-cbc,rijndael-...@lysator.liu.se,aes192-cbc,aes128-cbc,blowfish-cbc,arcfour128,arcfour,cast128-cbc,3des-cbc [preauth]
Mar 23 08:33:14 srv01 sshd[1782]: debug2: kex_parse_kexinit: aes128-ctr,aes192-ctr,aes256-ctr,aes256-cbc,rijndael-...@lysator.liu.se,aes192-cbc,aes128-cbc,blowfish-cbc,arcfour128,arcfour,cast128-cbc,3des-cbc [preauth]
Mar 23 08:33:14 srv01 sshd[1782]: debug2: kex_parse_kexinit: hmac-sha2-512-...@openssh.com,hmac-sha2-512,hmac-sha2-256-...@openssh.com,hmac-sha2-256,hmac-sha1,hmac-sha1-96,hmac-md5,hmac-md5-96,hmac-ripemd160,hmac-ripemd...@openssh.com [preauth]
Mar 23 08:33:14 srv01 sshd[1782]: debug2: kex_parse_kexinit: hmac-sha2-512-...@openssh.com,hmac-sha2-512,hmac-sha2-256-...@openssh.com,hmac-sha2-256,hmac-sha1,hmac-sha1-96,hmac-md5,hmac-md5-96,hmac-ripemd160,hmac-ripemd...@openssh.com [preauth]
Mar 23 08:33:14 srv01 sshd[1782]: debug2: kex_parse_kexinit: zlib,z...@openssh.com,none [preauth]
Mar 23 08:33:14 srv01 sshd[1782]: debug2: kex_parse_kexinit: zlib,z...@openssh.com,none [preauth]
Mar 23 08:33:14 srv01 sshd[1782]: debug2: kex_parse_kexinit:  [preauth]
Mar 23 08:33:14 srv01 sshd[1782]: debug2: kex_parse_kexinit:  [preauth]
Mar 23 08:33:14 srv01 sshd[1782]: debug2: kex_parse_kexinit: first_kex_follows 0  [preauth]
Mar 23 08:33:14 srv01 sshd[1782]: debug2: kex_parse_kexinit: reserved 0  [preauth]
Mar 23 08:33:14 srv01 sshd[1782]: debug1: kex: client->server aes192-ctr hmac-sha2-512-...@openssh.com z...@openssh.com [preauth]
Mar 23 08:33:14 srv01 sshd[1782]: debug1: kex: server->client aes192-ctr hmac-sha2-512-...@openssh.com z...@openssh.com [preauth]
Mar 23 08:33:14 srv01 sshd[1782]: 

[Touch-packages] [Bug 1528251] Re: WARNING: no suitable primes in /etc/ssh/primes

2016-03-22 Thread Alexander
Apologies for my late response. I am running different software now, but
the 'bug' is still present.  I can currently reproduce it as follows:

Server: openssh-server Version: 1:6.9p1-2ubuntu0.1, Architecture amd64 on Ubuntu 15.10 (wily)
Client: Prompt 2 v2.5.2 (Build 23057) on IOS 9.2.1 (see https://panic.com/prompt/)

My /etc/ssh/sshd_config mentions:
> KexAlgorithms curve25519-sha...@libssh.org,diffie-hellman-group-exchange-sha256

When my /etc/ssh/moduli is generated to contain only 4096 bit primes,
and I log in from my iPad using Prompt 2, the server logs the following
message in /var/log/auth.log:

Mar 22 21:47:40 srv01 sshd[28876]: WARNING: no suitable primes in /etc/ssh/primes

The file /etc/ssh/primes does not exist on the server system; neither is
it mentioned in the (FILES section of the) sshd(8) manpage, which,
incidentally, does mention /etc/ssh/moduli. - The above message is not
logged in case /etc/ssh/moduli is generated to contain all of 2048, 3072
and 4096 bit primes.

I hope the report is now as complete as it should be. In case I find
other ways to reproduce the error, I will let you know.

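An added example, not part of the original post and not OpenSSH code: a shell/awk audit of a moduli file that lists which group sizes it can offer and models, in simplified form, whether a client's group-exchange request (min, preferred and max bits, as in RFC 4419) can be met. The sample files, the client ranges and the function names are constructed for illustration; it assumes the moduli(5) column layout and that the size column is one less than the group's bit length.

```shell
#!/bin/sh
# Added example: which DH group sizes can a moduli file offer, and can a given
# client request be satisfied from it?
# Assumed column layout (moduli(5)): time type tests trials size generator modulus
# Assumed: the size column is one less than the bit length (4095 -> 4096 bits).

# usable_sizes FILE: bit length of every usable entry, one per line.
# "Usable" here means a 7-column, non-comment line of type 2 (safe prime).
usable_sizes() {
    awk '!/^[[:space:]]*#/ && NF == 7 && $2 == 2 { print $5 + 1 }' "$1"
}

# size_histogram FILE: "bits count" pairs, ascending by bits.
size_histogram() {
    usable_sizes "$1" | sort -n | uniq -c | awk '{ print $2, $1 }'
}

# pick_group FILE MIN WANT MAX: simplified model of the server's choice.
# Only groups with MIN <= bits <= MAX qualify; among those, take the smallest
# at or above WANT, otherwise the largest below it. Prints "none" when nothing
# qualifies, the condition the reporter suspects behind the warning.
pick_group() {
    usable_sizes "$1" | awk -v min="$2" -v want="$3" -v max="$4" '
        BEGIN { above = 0; below = 0 }
        {
            n = $1 + 0
            if (n < min + 0 || n > max + 0) next
            if (n >= want + 0) { if (above == 0 || n < above) above = n }
            else if (n > below) below = n
        }
        END {
            if (above) print above
            else if (below) print below
            else print "none"
        }'
}

# write_samples DIR: two constructed moduli files (moduli shortened, not real).
write_samples() {
    cat > "$1/moduli.only4096" <<'EOF'
# constructed sample: only 4096-bit groups
20160101000000 2 6 100 4095 2 C0FFEE01
20160101000001 2 6 100 4095 5 C0FFEE02
EOF
    cat > "$1/moduli.mixed" <<'EOF'
# constructed sample: 2048, 3072 and 4096-bit groups
20160101000000 2 6 100 2047 2 C0FFEE03
20160101000001 2 6 100 3071 2 C0FFEE04
20160101000002 2 6 100 4095 2 C0FFEE05
20160101000003 2 6 100 4095 5 C0FFEE06
EOF
}

demo() {
    dir=$(mktemp -d)
    write_samples "$dir"
    for f in only4096 mixed; do
        echo "== moduli.$f =="
        size_histogram "$dir/moduli.$f"
        # Hypothetical client whose request tops out at 2048 bits.
        echo "client 1024/2048/2048 -> $(pick_group "$dir/moduli.$f" 1024 2048 2048)"
        # Hypothetical client that accepts up to 8192 bits.
        echo "client 2048/3072/8192 -> $(pick_group "$dir/moduli.$f" 2048 3072 8192)"
    done
    rm -rf "$dir"
}

demo
```

On a server, `size_histogram /etc/ssh/moduli` shows at a glance whether a regenerated file still covers the range that the clients in use request.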


[Touch-packages] [Bug 1528251] Re: WARNING: no suitable primes in /etc/ssh/primes

2016-03-21 Thread Seth Arnold
OFERBA, I suspect you have a different issue than this bug report, which
is about a misleading pathname in an error message.

I'd suggest filing a new bug for your issue however I do not think it is
appropriate to be shipping a new release with 1024 bit DH primes as a
default supported configuration. See https://weakdh.org/ for more
information.

Thanks



[Touch-packages] [Bug 1528251] Re: WARNING: no suitable primes in /etc/ssh/primes

2016-03-19 Thread Dimitri John Ledkov
This cannot be a bug on architecture-s39064 and 14.04.3 release
simultaneously, as there is no s39064 for 14.04.

@bugproxy -> why were these tags added? Is this an automation issue, or
a metadata issue on your side?



[Touch-packages] [Bug 1528251] Re: WARNING: no suitable primes in /etc/ssh/primes

2016-03-19 Thread bugproxy
** Tags added: architecture-s39064 bugnameltc-137850 severity-high
targetmilestone-inin1604



[Touch-packages] [Bug 1528251] Re: WARNING: no suitable primes in /etc/ssh/primes

2016-03-19 Thread Dimitri John Ledkov
Assignee should be an appropriate screening team - probably taco or
skipper.



[Touch-packages] [Bug 1528251] Re: WARNING: no suitable primes in /etc/ssh/primes

2016-03-19 Thread Dimitri John Ledkov
Looking at the openssh source code:
#define _PATH_DH_MODULI SSHDIR "/moduli"
/* Backwards compatibility */
#define _PATH_DH_PRIMES SSHDIR "/primes"


Both paths are defined, with primes being a legacy/compat one.
Ubuntu only uses the current default /moduli path.

These are documented in ssh-keygen, you can see this manpage over here
too: http://manpages.ubuntu.com/manpages/xenial/en/man1/ssh-keygen.1.html#contenttoc3

Note, openssh supports and can be forced to use more combinations on
client <-> server than available in the moduli, hence the caveat as per
manpage. If one needs moduli beyond what's available in /moduli path,
one may need to generate extra ones.

Nonetheless, please provide information as to how to reproduce this
error: ssh client in use, ssh server in use, and version details of both
client and server. Ideally including architecture and exact package
version numbers. The combined metadata on this bug report is
inconsistent, and I'm failing to reproduce the described errors.

** Changed in: openssh (Ubuntu)
   Status: Confirmed => Incomplete

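Added example (not part of the thread and not OpenSSH's code): a simplified Python model of the situation the bug description reports, where a moduli file holding only 4096-bit entries cannot serve a client whose group-exchange request caps the size below that. The sample file contents, the client request values and the function names are constructed for illustration.

```python
# Added example: simplified model, not OpenSSH's own selection code.
from collections import Counter

# Constructed sample in moduli(5) field order:
#   timestamp type tests trials size generator modulus
# The hex moduli are shortened placeholders, not real primes.
SAMPLE_MODULI = """\
# Time Type Tests Tries Size Generator Modulus
20160101000000 2 6 100 4095 2 C0FFEE01
20160101000001 2 6 100 4095 5 C0FFEE02
20160101000002 2 6 100 4095 2 C0FFEE03
"""

def available_sizes(text):
    """Count usable entries per prime size in bits."""
    sizes = Counter()
    for line in text.splitlines():
        fields = line.split()
        if len(fields) != 7 or fields[0].startswith("#"):
            continue  # comment, blank or malformed line
        if fields[1] != "2" or not fields[4].isdigit():
            continue  # only type 2 (safe prime) entries are usable
        # Generated files store bits-1 here (4095 for a 4096-bit prime).
        sizes[int(fields[4]) + 1] += 1
    return sizes

def select_size(sizes, minimum, preferred, maximum):
    """Return the size served for a group-exchange request, or None."""
    in_range = [s for s in sizes if minimum <= s <= maximum]
    if not in_range:
        return None  # the case that produces "no suitable primes"
    at_least = [s for s in in_range if s >= preferred]
    return min(at_least) if at_least else max(in_range)

# Constructed client requests: (min, preferred, max) in bits.
SAMPLE_REQUESTS = {
    "client allowing up to 8192": (1024, 2048, 8192),
    "client capped at 2048": (1024, 2048, 2048),
}

if __name__ == "__main__":
    sizes = available_sizes(SAMPLE_MODULI)
    print("sizes on offer:", dict(sizes))
    for name, request in SAMPLE_REQUESTS.items():
        chosen = select_size(sizes, *request)
        print(name, "->", chosen or "no suitable primes")
```

To audit a real server, pass the contents of its /etc/ssh/moduli to available_sizes() and compare the result with the size limits of the clients that must connect.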


[Touch-packages] [Bug 1528251] Re: WARNING: no suitable primes in /etc/ssh/primes

2016-02-22 Thread Launchpad Bug Tracker
Status changed to 'Confirmed' because the bug affects multiple users.

** Changed in: openssh (Ubuntu)
   Status: New => Confirmed
