Note: this also affects anyone trying to connect to the dev.azure.com
servers (to, for example, git clone g...@ssh.dev.azure.com...)
$ ssh -vv ssh.dev.azure.com
...
debug2: peer server KEXINIT proposal
debug2: KEX algorithms:
interestingly, paramiko is also broken when connecting to older servers,
but not for the same reason as this bug. See bug 1973241
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to openssh in Ubuntu.
For reference to anyone coming here with this problem, when connecting
to a remote sshd server you can find what host key algorithms the remote
host uses by using -vv and check the debug output; look first for the
*peer* server KEXINIT proposal (not the earlier *local client* KEXINIT
proposal):
We generally expect programs to print a depreciation notice to stderr
and not just hide them in release notes, that we, as downstream users
don't read :)
If it doesn't warn during use, it's not properly deprecated.
--
You received this bug notification because you are a member of Ubuntu
Touch
No, I'm not going to undo this. IS shouldn't be running a pre-xenial
OpenSSH on xenial machines in the first place, and it's good to fix
that; and anything older than that is well out of support anyway.
** Changed in: openssh (Ubuntu)
Status: New => Won't Fix
--
You received this bug
Also, regarding the "without a deprecation notice" claim, this has been
advertised under "Future deprecation notice" in the OpenSSH release
notes since 8.2.
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to openssh in Ubuntu.
** Tags added: rls-jj-incoming
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to openssh in Ubuntu.
https://bugs.launchpad.net/bugs/1961833
Title:
openssh 8.8 breaks login to Canonical servers
Status in openssh package in
Question we have to ask: Is breaking support for old servers without a
deprecation notice in the LTS release the best cause of action?
** Summary changed:
- openssh 8.8 breaks login to canonical servers
+ openssh 8.8 breaks login to Canonical servers
--
You received this bug notification
It says
Incompatibility is more likely when connecting to older SSH
implementations that have not been upgraded or have not closely tracked
improvements in the SSH protocol. For these cases, it may be necessary
to selectively re-enable RSA/SHA1 to allow connection and/or user
authentication via
9 matches
Mail list logo