This bug was fixed in the package openssh - 1:7.2p2-4ubuntu2.2
---
openssh (1:7.2p2-4ubuntu2.2) xenial; urgency=medium
* Fix ssh-keygen -H accidentally corrupting known_hosts that contained
already-hashed entries (LP: #1668093).
* Fix ssh-keyscan to correctly hash hosts with a
This bug was fixed in the package openssh - 1:7.3p1-1ubuntu0.1
---
openssh (1:7.3p1-1ubuntu0.1) yakkety; urgency=medium
* Fix ssh-keygen -H accidentally corrupting known_hosts that contained
already-hashed entries (LP: #1668093).
* Fix ssh-keyscan to correctly hash hosts with
@ghusson,
This will be available soon in Xenial and Yakkety. As of today it is still in
-proposed.
@sru-team,
Based on ghusson's comment and my own testing of Xenial (7.2p2-4ubuntu2.2) and
Yakkety (7.3p1-1ubuntu0.1) I am marking this as verification-done. I followed
the test case I originally d
** Changed in: openssh (Ubuntu)
Assignee: Joshua Powers (powersj) => (unassigned)
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to openssh in Ubuntu.
https://bugs.launchpad.net/bugs/1670745
Title:
ssh-keyscan : bad host
Hello,
Thank you Colin for your clarification.
I don't understand why the package I downloaded was not the good one.
Anyway, after having followed selective proposed update documentation, I have :
#ssh -V
OpenSSH_7.2p2 Ubuntu-4ubuntu2.2, OpenSSL 1.0.2g 1 Mar 2016
#dpkg -l | grep openssh
ii opens
Gautier, as well as Christian's comments:
(1) In your output, 6.7p1 is the version of the server you're connecting
to, not the client version.
(2) libssh is irrelevant here.
(3) 7.2p2-4 is not the fixed version. See comment #9 on this bug.
--
You received this bug notification because you a
Also after enabling proposed you can install "just the package and its
dependencies" by instead of running "apt upgrade" just running in this
case "apt install openssh-client".
** Tags removed: verification-needed
** Tags added: verification-done
--
You received this bug notification because yo
Prior to updating when scanning from a target I still have ports in the
output:
ssh-keyscan -H -p 10.0.4.153
# 10.0.4.153: SSH-2.0-OpenSSH_7.4p1 Ubuntu-10
[|1|nTWrNxylhhwkyicxuuS/5p2Tlts=|ziw5AkY9sg/oRSpkYIuxswDgIf8=]: ssh-ed25519
C3NzaC1lZDI1NTE5ID4/W/XQvgco3vziMDLT5PyHwuqY9
@Gautier - thanks for trying to verify - I'm currently doing the same.
The known_hosts file you have still has the broken content.
The fix cannot change your existing known_hosts file to be good.
You'd have to remove the broken lines and add them again with ssh-keyscan.
But the fix in keyscan is in
First : thank you everybody for all your work !
At now I am not able to see the difference. But I think I may not doing the
right thing in order to test :
wget "http://launchpadlibrarian.net/254059000/openssh-client_7.2p2-4_amd64.deb";
dpkg -i openssh-client_7.2p2-4_amd64.deb
ssh-keyscan -v -t ds
** Description changed:
[Impact]
- * An explanation of the effects of the bug on users and
+ * using ssh-keyscan while using the port (-p) option of it will create
+bad entries. They will contain the port and thereby be invalid for
+latter use under the purpose of known_hosts.
Hello Gautier, or anyone else affected,
Accepted openssh into yakkety-proposed. The package will build now and
be available at
https://launchpad.net/ubuntu/+source/openssh/1:7.3p1-1ubuntu0.1 in a few
hours, and then in the -proposed repository.
Please help us by testing this new package. See
htt
** Also affects: openssh (Ubuntu Xenial)
Importance: Undecided
Status: New
** Also affects: openssh (Ubuntu Yakkety)
Importance: Undecided
Status: New
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to openss
** Tags added: server-next
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to openssh in Ubuntu.
https://bugs.launchpad.net/bugs/1670745
Title:
ssh-keyscan : bad host signature when using port option
Status in portable OpenSS
This bug was fixed in the package openssh - 1:7.4p1-9
---
openssh (1:7.4p1-9) unstable; urgency=medium
* Fix null pointer dereference in ssh-keygen; this fixes an autopkgtest
regression introduced in 1:7.4p1-8.
-- Colin Watson Thu, 16 Mar 2017 13:43:15 +
** Changed in:
I was able to confirm the fix working on the bileto ppas I'm working on.
All further updates will be made in bug 1668093, some time will pass until all
tests/verifications are complete and we can sync the package to the SRU
unapproved queue.
--
You received this bug notification because you are
FYI - Colin has merged the fix, uploaded to Debian and synced to Zesty.
But the sync is blocked by an issue with another bundled fix (see bug 1668093).
Just checked affected Releases for the SRUs to be prepared:
- Trusty: not affected
- Xenial: affected
- Yakkety: affected
That is just the set I
FYI I'll bundle this with the fix for 1668093
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to openssh in Ubuntu.
https://bugs.launchpad.net/bugs/1670745
Title:
ssh-keyscan : bad host signature when using port option
Status
** Changed in: openssh (Debian)
Status: New => Fix Released
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to openssh in Ubuntu.
https://bugs.launchpad.net/bugs/1670745
Title:
ssh-keyscan : bad host signature when usin
** Changed in: openssh (Debian)
Status: Unknown => New
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to openssh in Ubuntu.
https://bugs.launchpad.net/bugs/1670745
Title:
ssh-keyscan : bad host signature when using por
** Bug watch added: Debian Bug tracker #857736
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=857736
** Also affects: openssh (Debian) via
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=857736
Importance: Unknown
Status: Unknown
--
You received this bug notification because y
As an update, the issue was confirmed and fixed by the maintainer. We
have to decide now if and how to SRU this and to which releases.
** Changed in: openssh (Ubuntu)
Importance: Undecided => High
** Changed in: openssh (Ubuntu)
Assignee: (unassigned) => Joshua Powers (powersj)
** Change
Thank you for your action Joshua.
The most weird thing is that it is known to work on debian (as reported
here : https://github.com/ansible/ansible-modules-extras/issues/2651) !
For future reference, your bug report URL to openssh is :
https://bugzilla.mindrot.org/show_bug.cgi?id=2692
** Bug wat
Thanks for the bug report!
Steps to reproduce:
$ lxc launch ubuntu-daily:xenial xenial
# edit /etc/ssh/sshd_config and change port to
# service ssh restart
# ip a to note container IP
# exit
$ ssh-keyscan -H -p
The port will be in the output and not hashed as described in the
report.
24 matches
Mail list logo
