[Bug 1855768] Re: Ubuntu-security CVE-2019-18224 web page shows incorrect info about libidn2-0 status
** Changed in: ubuntu Status: New => Invalid -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to the bug report. https://bugs.launchpad.net/bugs/1855768 Title: Ubuntu-security CVE-2019-18224 web page shows incorrect info about libidn2-0 status To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+bug/1855768/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1855768] Re: Ubuntu-security CVE-2019-18224 web page shows incorrect info about libidn2-0 status
Hey Teppei, Great to hear that! After deeper looking over my logs and console buffer, I think this was a combination of a user error on my part and a UX problem in Trivy caching. What I think might have happened: - I scanned `ubuntu:18.04` tag at some point before the libidn2 fix went in and Trivy showed a vulnerability as "valid" correctly. - At some point I must have pulled the new `ubuntu:18.04` tag (I'm guessing). - I went into the container to see what `libidn2-0` version I was running and it returned a version number that I correlated to a fixed version according to USN link. - Re-running trivy did not update the results nor tell me that the original result will be perma-cached so I posited that Trivy or the data it was pulling was at fault. - I then went down the rabbit hole of how Trivy pulls fix data that lead me to creating this bug report. Thanks both for looking into this though - sorry for the extra noise that wasn't needed! Eduardo, feel free to close this issue as invalid! Srdjan -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to the bug report. https://bugs.launchpad.net/bugs/1855768 Title: Ubuntu-security CVE-2019-18224 web page shows incorrect info about libidn2-0 status To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+bug/1855768/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1855768] Re: Ubuntu-security CVE-2019-18224 web page shows incorrect info about libidn2-0 status
Hey Eduardo, This is the Trivy tool: https://github.com/aquasecurity/trivy. It's used to scan containers for CVEs and to reproduce you can install trivy and just run "trivy -quiet ubuntu:18.04" to see the CVE flagged. I think what is happening is that trivy scans installed packages on the system (returns libidn2-0) and then compares it to the CVE page which in this case shows as "DNE" and thus is flagged as a valid vulnerability. Do you think this sounds correct? If so, I will file the bug in relevant upstream projects. Srdjan -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to the bug report. https://bugs.launchpad.net/bugs/1855768 Title: Ubuntu-security CVE-2019-18224 web page shows incorrect info about libidn2-0 status To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+bug/1855768/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 658865] Re: Install from USB fails: "An attempt to configure apt to install additional packages from the CD failed"
Got sick and tired of this bug so figured I'd find out what the cause is. Turns out (for me) because I overwrote multiple versions of Linux using unetbootin, there were multiple apt folders in dist/ on the drive (i.e. yakkety, zesty, etc) so when the 40cdrom script came around, it tried to validate the GPG signature of all the dist/ repos including the non-target dist/ which of course fails so it bubbles up as a failure of the whole installation script. Removing the folder in question made the installation proceed without issues. PS: Without 40cdrom script, latter part of the installation fails if you have a UEFI system since it won't be able to find the signed grub shim so this approach is not recommended. tl;dr fix: Removing the folder not matching installation CD version from your USB dist/ folder should make it work. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/658865 Title: Install from USB fails: "An attempt to configure apt to install additional packages from the CD failed" To manage notifications about this bug go to: https://bugs.launchpad.net/estobuntu/+bug/658865/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1579241] [NEW] java-runtime-headless no longer provided by openjdk-8-jre-headless
Public bug reported: On Ubuntu 15.10, version 8u91-b14-0ubuntu4~15.10.1 no longer provides virtual package `java-runtime-headless` while the older version does (8u66-b01-5): $ apt-cache show openjdk-8-jre-headless | grep 'Provides\|Version' Version: 8u91-b14-0ubuntu4~15.10.1 Provides: java2-runtime-headless, java5-runtime-headless, java6-runtime-headless, java7-runtime-headless, java8-runtime-headless Version: 8u66-b01-5 Provides: java-runtime-headless, java2-runtime-headless, java5-runtime-headless, java6-runtime-headless, java7-runtime-headless, java8-runtime-headless ... Package java-runtime-headless is a virtual package provided by: openjdk-6-jre-headless 6b38-1.13.10-0ubuntu0.15.10.1 openjdk-7-jre-headless 7u101-2.6.6-0ubuntu0.15.10.1 gcj-4.8-jre-headless 4.8.5-1ubuntu1 gcj-jre-headless 4:5.2.1-3ubuntu1 gcj-5-jre-headless 5.2.1-22ubuntu2 gcj-4.9-jre-headless 4.9.3-5ubuntu1 default-jre-headless 2:1.7-52 You should explicitly select one to install. E: Package 'java-runtime-headless' has no installation candidate ... This breaks many programs that have `java-runtime-headless` as a requirement. ** Affects: openjdk-8 (Ubuntu) Importance: Undecided Status: New ** Summary changed: - java-runtime-headless no longer dependency of openjdk-8-jre-headless + java-runtime-headless no longer provided by openjdk-8-jre-headless -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1579241 Title: java-runtime-headless no longer provided by openjdk-8-jre-headless To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/openjdk-8/+bug/1579241/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1450180] Re: gparted crashes immediately after started
Log: sudo valgrind -v gpartedbin ** Attachment added: valgring_on_gpartedbin https://bugs.launchpad.net/ubuntu/+source/gparted/+bug/1450180/+attachment/4388412/+files/log.txt -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1450180 Title: gparted crashes immediately after started To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/gparted/+bug/1450180/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1450180] Re: gparted crashes immediately after started
Probably related: https://bugzilla.gnome.org/show_bug.cgi?id=743466 They seem to have a patch upstream for glibmm ** Bug watch added: GNOME Bug Tracker #743466 https://bugzilla.gnome.org/show_bug.cgi?id=743466 ** Also affects: gparted via https://bugzilla.gnome.org/show_bug.cgi?id=743466 Importance: Unknown Status: Unknown -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1450180 Title: gparted crashes immediately after started To manage notifications about this bug go to: https://bugs.launchpad.net/gparted/+bug/1450180/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1450180] Re: gparted crashes immediately after started
@Philip: Yeah, I found that it runs with a script after the initial post which is why I hid it but gpartedbin is really having issues and valgrind log was run on the binary and not the launcher. $ debsums gparted /usr/bin/gparted-pkexec OK /usr/sbin/gparted OK /usr/sbin/gpartedbin OK /usr/share/appdata/gparted.appdata.xmlOK /usr/share/applications/gparted.desktop OK /usr/share/doc/gparted/README.gz OK /usr/share/doc/gparted/changelog.Debian.gzOK /usr/share/doc/gparted/copyright OK /usr/share/gnome/help/gparted/C/figures/gparted_window.pngOK /usr/share/gnome/help/gparted/C/gparted.xml OK /usr/share/icons/hicolor/16x16/apps/gparted.png OK /usr/share/icons/hicolor/22x22/apps/gparted.png OK /usr/share/icons/hicolor/24x24/apps/gparted.png OK /usr/share/icons/hicolor/32x32/apps/gparted.png OK /usr/share/icons/hicolor/48x48/apps/gparted.png OK /usr/share/icons/hicolor/scalable/apps/gparted.svgOK /usr/share/man/man8/gparted.8.gz OK /usr/share/menu/gparted OK /usr/share/omf/gparted/gparted-C.omf OK /usr/share/pixmaps/gparted.xpmOK /usr/share/polkit-1/actions/com.ubuntu.pkexec.gparted.policy OK -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1450180 Title: gparted crashes immediately after started To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/gparted/+bug/1450180/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1450180] Re: gparted crashes immediately after started
gparted (different from gpartedbin code posted above) also doesn't look like an ELF file: readelf -a /usr/sbin/gparted readelf: Error: Not an ELF file - it has the wrong magic bytes at the start dpkg -l | grep gparted ii gparted 0.19.0-2 amd64GNOME partition editor -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1450180 Title: gparted crashes immediately after started To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/gparted/+bug/1450180/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1450180] Re: gparted crashes immediately after started
Looks like it might be a bad FD? ** Attachment added: valgrind log https://bugs.launchpad.net/ubuntu/+source/gparted/+bug/1450180/+attachment/4388008/+files/log.txt -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1450180 Title: gparted crashes immediately after started To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/gparted/+bug/1450180/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1450180] Re: gparted crashes immediately after started
sudo gdb gpartedbin GNU gdb (Ubuntu 7.9-1ubuntu1) 7.9 Copyright (C) 2015 Free Software Foundation, Inc. License GPLv3+: GNU GPL version 3 or later http://gnu.org/licenses/gpl.html This is free software: you are free to change and redistribute it. There is NO WARRANTY, to the extent permitted by law. Type show copying and show warranty for details. This GDB was configured as x86_64-linux-gnu. Type show configuration for configuration details. For bug reporting instructions, please see: http://www.gnu.org/software/gdb/bugs/. Find the GDB manual and other documentation resources online at: http://www.gnu.org/software/gdb/documentation/. For help, type help. Type apropos word to search for commands related to word... Reading symbols from gpartedbin...(no debugging symbols found)...done. (gdb) r Starting program: /usr/sbin/gpartedbin [Thread debugging using libthread_db enabled] Using host libthread_db library /lib/x86_64-linux-gnu/libthread_db.so.1. Program received signal SIGSEGV, Segmentation fault. 0x76a6993a in Glib::wrap_register(unsigned long, Glib::ObjectBase* (*)(_GObject*)) () from /usr/lib/x86_64-linux-gnu/libglibmm-2.4.so.1 -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1450180 Title: gparted crashes immediately after started To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/gparted/+bug/1450180/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1250016] Re: Network-manager vpn dialog only shows import from file
** Also affects: network-manager-pptp Importance: Undecided Status: New ** Project changed: network-manager-pptp = network-manager ** Project changed: network-manager = network-manager-applet ** Project changed: network-manager-applet = network-manager -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1250016 Title: Network-manager vpn dialog only shows import from file To manage notifications about this bug go to: https://bugs.launchpad.net/network-manager/+bug/1250016/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 708493] Re: Can't login anymore: Read from socket failed: Connection reset by peer
My cases of this bug (though it seems like there are different ones with similar symptoms) happen each time I reset a 14.04 VM to an older state from a hard shutdown. Localhost ssh connections fail as well with same output. Workaround for me is regenerating the host keys (sudo rm /etc/ssh/host_* sudo ssh-keygen -A) each time I revert the VM. Changing the cipher/kex does not seem to change the outcome. I wonder if some junk gets written to the keys in bad shutdowns. I'll see If I can debug the output of the sshd. Client log below: $ ssh root@redacted - OpenSSH_6.6.1, OpenSSL 1.0.1f 6 Jan 2014 debug1: Reading configuration data /etc/ssh/ssh_config debug1: /etc/ssh/ssh_config line 19: Applying options for * debug2: ssh_connect: needpriv 0 debug1: Connecting to 192.168.56.101 [192.168.56.101] port 22. debug1: Connection established. debug3: Incorrect RSA1 identifier debug3: Could not load /home/sg/.ssh/id_rsa as a RSA1 public key debug1: identity file /home/sg/.ssh/id_rsa type 1 debug1: identity file /home/sg/.ssh/id_rsa-cert type -1 debug1: identity file /home/sg/.ssh/id_dsa type -1 debug1: identity file /home/sg/.ssh/id_dsa-cert type -1 debug1: identity file /home/sg/.ssh/id_ecdsa type -1 debug1: identity file /home/sg/.ssh/id_ecdsa-cert type -1 debug1: identity file /home/sg/.ssh/id_ed25519 type -1 debug1: identity file /home/sg/.ssh/id_ed25519-cert type -1 debug1: Enabling compatibility mode for protocol 2.0 debug1: Local version string SSH-2.0-OpenSSH_6.6.1p1 Ubuntu-2ubuntu2 debug1: Remote protocol version 2.0, remote software version OpenSSH_6.6p1 Ubuntu-2ubuntu1 debug1: match: OpenSSH_6.6p1 Ubuntu-2ubuntu1 pat OpenSSH_6.5*,OpenSSH_6.6* compat 0x1400 debug2: fd 3 setting O_NONBLOCK debug3: load_hostkeys: loading entries for host 192.168.56.101 from file /home/sg/.ssh/known_hosts debug3: load_hostkeys: found key type ECDSA in file /home/sg/.ssh/known_hosts:87 debug3: load_hostkeys: loaded 1 keys debug3: order_hostkeyalgs: prefer hostkeyalgs: ecdsa-sha2-nistp256-cert-...@openssh.com,ecdsa-sha2-nistp384-cert-...@openssh.com,ecdsa-sha2-nistp521-cert-...@openssh.com,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521 debug2: compat_kex_proposal: original KEX proposal: curve25519-sha...@libssh.org,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1 debug2: Compat: skipping algorithm curve25519-sha...@libssh.org debug2: compat_kex_proposal: compat KEX proposal: ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1 debug1: SSH2_MSG_KEXINIT sent Read from socket failed: Connection reset by peer -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to openssh in Ubuntu. https://bugs.launchpad.net/bugs/708493 Title: Can't login anymore: Read from socket failed: Connection reset by peer To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/openssh/+bug/708493/+subscriptions -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 708493] Re: Can't login anymore: Read from socket failed: Connection reset by peer
Looks to be a No supported key exchange algorithms [preauth] problem. Regenerating the host RSA key with ssh-keygen -t rsa -f /etc/ssh/ssh_host_rsa_key fixes the issue Log of failure (pre-keygen) on host: $ sudo /usr/sbin/sshd -p -D -d -d -d -e debug2: load_server_config: filename /etc/ssh/sshd_config debug2: load_server_config: done config len = 37 debug2: parse_server_config: config /etc/ssh/sshd_config len 37 debug3: /etc/ssh/sshd_config:1 setting PermitRootLogin yes debug3: /etc/ssh/sshd_config:2 setting LogLevel DEBUG3 debug1: sshd version OpenSSH_6.6, OpenSSL 1.0.1f 6 Jan 2014 debug3: Truncated RSA1 identifier debug1: key_parse_private2: missing begin marker debug1: key_parse_private_pem: PEM_read_PrivateKey failed debug1: read PEM private key done: type unknown debug3: Truncated RSA1 identifier debug3: Could not load /etc/ssh/ssh_host_rsa_key as a RSA1 public key Could not load host key: /etc/ssh/ssh_host_rsa_key debug3: Truncated RSA1 identifier debug1: key_parse_private2: missing begin marker debug1: key_parse_private_pem: PEM_read_PrivateKey failed debug1: read PEM private key done: type unknown debug3: Truncated RSA1 identifier debug3: Could not load /etc/ssh/ssh_host_dsa_key as a RSA1 public key Could not load host key: /etc/ssh/ssh_host_dsa_key debug3: Truncated RSA1 identifier debug1: key_parse_private2: missing begin marker debug1: key_parse_private_pem: PEM_read_PrivateKey failed debug1: read PEM private key done: type unknown debug3: Truncated RSA1 identifier debug3: Could not load /etc/ssh/ssh_host_ecdsa_key as a RSA1 public key Could not load host key: /etc/ssh/ssh_host_ecdsa_key debug3: Truncated RSA1 identifier debug1: key_parse_private2: missing begin marker debug1: key_parse_private_pem: PEM_read_PrivateKey failed debug1: read PEM private key done: type unknown debug3: Truncated RSA1 identifier debug3: Could not load /etc/ssh/ssh_host_ed25519_key as a RSA1 public key Could not load host key: /etc/ssh/ssh_host_ed25519_key debug1: rexec_argv[0]='/usr/sbin/sshd' debug1: rexec_argv[1]='-p' debug1: rexec_argv[2]='' debug1: rexec_argv[3]='-D' debug1: rexec_argv[4]='-d' debug1: rexec_argv[5]='-d' debug1: rexec_argv[6]='-d' debug1: rexec_argv[7]='-e' debug3: oom_adjust_setup Set /proc/self/oom_score_adj from 0 to -1000 debug2: fd 3 setting O_NONBLOCK debug1: Bind to port on 0.0.0.0. Server listening on 0.0.0.0 port . debug2: fd 4 setting O_NONBLOCK debug3: sock_set_v6only: set socket 4 IPV6_V6ONLY debug1: Bind to port on ::. Server listening on :: port . debug3: fd 5 is not O_NONBLOCK debug1: Server will not fork when running in debugging mode. debug3: send_rexec_state: entering fd = 8 config len 37 debug3: ssh_msg_send: type 0 debug3: send_rexec_state: done debug1: rexec start in 5 out 5 newsock 5 pipe -1 sock 8 debug3: recv_rexec_state: entering fd = 5 debug3: ssh_msg_recv entering debug3: recv_rexec_state: done debug2: parse_server_config: config rexec len 37 debug3: rexec:1 setting PermitRootLogin yes debug3: rexec:2 setting LogLevel DEBUG3 debug1: sshd version OpenSSH_6.6, OpenSSL 1.0.1f 6 Jan 2014 debug3: Truncated RSA1 identifier debug1: key_parse_private2: missing begin marker debug1: key_parse_private_pem: PEM_read_PrivateKey failed debug1: read PEM private key done: type unknown debug3: Truncated RSA1 identifier debug3: Could not load /etc/ssh/ssh_host_rsa_key as a RSA1 public key Could not load host key: /etc/ssh/ssh_host_rsa_key debug3: Truncated RSA1 identifier debug1: key_parse_private2: missing begin marker debug1: key_parse_private_pem: PEM_read_PrivateKey failed debug1: read PEM private key done: type unknown debug3: Truncated RSA1 identifier debug3: Could not load /etc/ssh/ssh_host_dsa_key as a RSA1 public key Could not load host key: /etc/ssh/ssh_host_dsa_key debug3: Truncated RSA1 identifier debug1: key_parse_private2: missing begin marker debug1: key_parse_private_pem: PEM_read_PrivateKey failed debug1: read PEM private key done: type unknown debug3: Truncated RSA1 identifier debug3: Could not load /etc/ssh/ssh_host_ecdsa_key as a RSA1 public key Could not load host key: /etc/ssh/ssh_host_ecdsa_key debug3: Truncated RSA1 identifier debug1: key_parse_private2: missing begin marker debug1: key_parse_private_pem: PEM_read_PrivateKey failed debug1: read PEM private key done: type unknown debug3: Truncated RSA1 identifier debug3: Could not load /etc/ssh/ssh_host_ed25519_key as a RSA1 public key Could not load host key: /etc/ssh/ssh_host_ed25519_key debug1: inetd sockets after dupping: 3, 3 Connection from 192.168.56.1 port 53307 on 192.168.56.101 port debug1: Client protocol version 2.0; client software version OpenSSH_6.6.1p1 Ubuntu-2ubuntu2 debug1: match: OpenSSH_6.6.1p1 Ubuntu-2ubuntu2 pat OpenSSH* compat 0x0400 debug1: Enabling compatibility mode for protocol 2.0 debug1: Local version string SSH-2.0-OpenSSH_6.6p1 Ubuntu-2ubuntu1 debug2: fd 3 setting O_NONBLOCK debug2: Network child is on pid 3095 debug3: preauth child monitor
[Bug 708493] Re: Can't login anymore: Read from socket failed: Connection reset by peer
I don't know if it's related but this is the log of trying to use that RSA key to connect to a server: debug1: Trying private key: /etc/ssh/ssh_host_rsa_key debug1: key_parse_private2: missing begin marker debug1: key_parse_private_pem: PEM_read_PrivateKey failed debug1: read PEM private key done: type unknown Enter passphrase for key '/etc/ssh/ssh_host_rsa_key': The key should not have a password AFAIK -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to openssh in Ubuntu. https://bugs.launchpad.net/bugs/708493 Title: Can't login anymore: Read from socket failed: Connection reset by peer To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/openssh/+bug/708493/+subscriptions -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 708493] Re: Can't login anymore: Read from socket failed: Connection reset by peer
Well, at least in my case, I found that all the sshd host keys were truncated. I'm guessing that the hard shutdown of the VM was the cause but I'm not 100% sure. -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to openssh in Ubuntu. https://bugs.launchpad.net/bugs/708493 Title: Can't login anymore: Read from socket failed: Connection reset by peer To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/openssh/+bug/708493/+subscriptions -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 708493] Re: Can't login anymore: Read from socket failed: Connection reset by peer
My cases of this bug (though it seems like there are different ones with similar symptoms) happen each time I reset a 14.04 VM to an older state from a hard shutdown. Localhost ssh connections fail as well with same output. Workaround for me is regenerating the host keys (sudo rm /etc/ssh/host_* sudo ssh-keygen -A) each time I revert the VM. Changing the cipher/kex does not seem to change the outcome. I wonder if some junk gets written to the keys in bad shutdowns. I'll see If I can debug the output of the sshd. Client log below: $ ssh root@redacted - OpenSSH_6.6.1, OpenSSL 1.0.1f 6 Jan 2014 debug1: Reading configuration data /etc/ssh/ssh_config debug1: /etc/ssh/ssh_config line 19: Applying options for * debug2: ssh_connect: needpriv 0 debug1: Connecting to 192.168.56.101 [192.168.56.101] port 22. debug1: Connection established. debug3: Incorrect RSA1 identifier debug3: Could not load /home/sg/.ssh/id_rsa as a RSA1 public key debug1: identity file /home/sg/.ssh/id_rsa type 1 debug1: identity file /home/sg/.ssh/id_rsa-cert type -1 debug1: identity file /home/sg/.ssh/id_dsa type -1 debug1: identity file /home/sg/.ssh/id_dsa-cert type -1 debug1: identity file /home/sg/.ssh/id_ecdsa type -1 debug1: identity file /home/sg/.ssh/id_ecdsa-cert type -1 debug1: identity file /home/sg/.ssh/id_ed25519 type -1 debug1: identity file /home/sg/.ssh/id_ed25519-cert type -1 debug1: Enabling compatibility mode for protocol 2.0 debug1: Local version string SSH-2.0-OpenSSH_6.6.1p1 Ubuntu-2ubuntu2 debug1: Remote protocol version 2.0, remote software version OpenSSH_6.6p1 Ubuntu-2ubuntu1 debug1: match: OpenSSH_6.6p1 Ubuntu-2ubuntu1 pat OpenSSH_6.5*,OpenSSH_6.6* compat 0x1400 debug2: fd 3 setting O_NONBLOCK debug3: load_hostkeys: loading entries for host 192.168.56.101 from file /home/sg/.ssh/known_hosts debug3: load_hostkeys: found key type ECDSA in file /home/sg/.ssh/known_hosts:87 debug3: load_hostkeys: loaded 1 keys debug3: order_hostkeyalgs: prefer hostkeyalgs: ecdsa-sha2-nistp256-cert-...@openssh.com,ecdsa-sha2-nistp384-cert-...@openssh.com,ecdsa-sha2-nistp521-cert-...@openssh.com,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521 debug2: compat_kex_proposal: original KEX proposal: curve25519-sha...@libssh.org,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1 debug2: Compat: skipping algorithm curve25519-sha...@libssh.org debug2: compat_kex_proposal: compat KEX proposal: ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1 debug1: SSH2_MSG_KEXINIT sent Read from socket failed: Connection reset by peer -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/708493 Title: Can't login anymore: Read from socket failed: Connection reset by peer To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/openssh/+bug/708493/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 708493] Re: Can't login anymore: Read from socket failed: Connection reset by peer
Looks to be a No supported key exchange algorithms [preauth] problem. Regenerating the host RSA key with ssh-keygen -t rsa -f /etc/ssh/ssh_host_rsa_key fixes the issue Log of failure (pre-keygen) on host: $ sudo /usr/sbin/sshd -p -D -d -d -d -e debug2: load_server_config: filename /etc/ssh/sshd_config debug2: load_server_config: done config len = 37 debug2: parse_server_config: config /etc/ssh/sshd_config len 37 debug3: /etc/ssh/sshd_config:1 setting PermitRootLogin yes debug3: /etc/ssh/sshd_config:2 setting LogLevel DEBUG3 debug1: sshd version OpenSSH_6.6, OpenSSL 1.0.1f 6 Jan 2014 debug3: Truncated RSA1 identifier debug1: key_parse_private2: missing begin marker debug1: key_parse_private_pem: PEM_read_PrivateKey failed debug1: read PEM private key done: type unknown debug3: Truncated RSA1 identifier debug3: Could not load /etc/ssh/ssh_host_rsa_key as a RSA1 public key Could not load host key: /etc/ssh/ssh_host_rsa_key debug3: Truncated RSA1 identifier debug1: key_parse_private2: missing begin marker debug1: key_parse_private_pem: PEM_read_PrivateKey failed debug1: read PEM private key done: type unknown debug3: Truncated RSA1 identifier debug3: Could not load /etc/ssh/ssh_host_dsa_key as a RSA1 public key Could not load host key: /etc/ssh/ssh_host_dsa_key debug3: Truncated RSA1 identifier debug1: key_parse_private2: missing begin marker debug1: key_parse_private_pem: PEM_read_PrivateKey failed debug1: read PEM private key done: type unknown debug3: Truncated RSA1 identifier debug3: Could not load /etc/ssh/ssh_host_ecdsa_key as a RSA1 public key Could not load host key: /etc/ssh/ssh_host_ecdsa_key debug3: Truncated RSA1 identifier debug1: key_parse_private2: missing begin marker debug1: key_parse_private_pem: PEM_read_PrivateKey failed debug1: read PEM private key done: type unknown debug3: Truncated RSA1 identifier debug3: Could not load /etc/ssh/ssh_host_ed25519_key as a RSA1 public key Could not load host key: /etc/ssh/ssh_host_ed25519_key debug1: rexec_argv[0]='/usr/sbin/sshd' debug1: rexec_argv[1]='-p' debug1: rexec_argv[2]='' debug1: rexec_argv[3]='-D' debug1: rexec_argv[4]='-d' debug1: rexec_argv[5]='-d' debug1: rexec_argv[6]='-d' debug1: rexec_argv[7]='-e' debug3: oom_adjust_setup Set /proc/self/oom_score_adj from 0 to -1000 debug2: fd 3 setting O_NONBLOCK debug1: Bind to port on 0.0.0.0. Server listening on 0.0.0.0 port . debug2: fd 4 setting O_NONBLOCK debug3: sock_set_v6only: set socket 4 IPV6_V6ONLY debug1: Bind to port on ::. Server listening on :: port . debug3: fd 5 is not O_NONBLOCK debug1: Server will not fork when running in debugging mode. debug3: send_rexec_state: entering fd = 8 config len 37 debug3: ssh_msg_send: type 0 debug3: send_rexec_state: done debug1: rexec start in 5 out 5 newsock 5 pipe -1 sock 8 debug3: recv_rexec_state: entering fd = 5 debug3: ssh_msg_recv entering debug3: recv_rexec_state: done debug2: parse_server_config: config rexec len 37 debug3: rexec:1 setting PermitRootLogin yes debug3: rexec:2 setting LogLevel DEBUG3 debug1: sshd version OpenSSH_6.6, OpenSSL 1.0.1f 6 Jan 2014 debug3: Truncated RSA1 identifier debug1: key_parse_private2: missing begin marker debug1: key_parse_private_pem: PEM_read_PrivateKey failed debug1: read PEM private key done: type unknown debug3: Truncated RSA1 identifier debug3: Could not load /etc/ssh/ssh_host_rsa_key as a RSA1 public key Could not load host key: /etc/ssh/ssh_host_rsa_key debug3: Truncated RSA1 identifier debug1: key_parse_private2: missing begin marker debug1: key_parse_private_pem: PEM_read_PrivateKey failed debug1: read PEM private key done: type unknown debug3: Truncated RSA1 identifier debug3: Could not load /etc/ssh/ssh_host_dsa_key as a RSA1 public key Could not load host key: /etc/ssh/ssh_host_dsa_key debug3: Truncated RSA1 identifier debug1: key_parse_private2: missing begin marker debug1: key_parse_private_pem: PEM_read_PrivateKey failed debug1: read PEM private key done: type unknown debug3: Truncated RSA1 identifier debug3: Could not load /etc/ssh/ssh_host_ecdsa_key as a RSA1 public key Could not load host key: /etc/ssh/ssh_host_ecdsa_key debug3: Truncated RSA1 identifier debug1: key_parse_private2: missing begin marker debug1: key_parse_private_pem: PEM_read_PrivateKey failed debug1: read PEM private key done: type unknown debug3: Truncated RSA1 identifier debug3: Could not load /etc/ssh/ssh_host_ed25519_key as a RSA1 public key Could not load host key: /etc/ssh/ssh_host_ed25519_key debug1: inetd sockets after dupping: 3, 3 Connection from 192.168.56.1 port 53307 on 192.168.56.101 port debug1: Client protocol version 2.0; client software version OpenSSH_6.6.1p1 Ubuntu-2ubuntu2 debug1: match: OpenSSH_6.6.1p1 Ubuntu-2ubuntu2 pat OpenSSH* compat 0x0400 debug1: Enabling compatibility mode for protocol 2.0 debug1: Local version string SSH-2.0-OpenSSH_6.6p1 Ubuntu-2ubuntu1 debug2: fd 3 setting O_NONBLOCK debug2: Network child is on pid 3095 debug3: preauth child monitor
[Bug 708493] Re: Can't login anymore: Read from socket failed: Connection reset by peer
I don't know if it's related but this is the log of trying to use that RSA key to connect to a server: debug1: Trying private key: /etc/ssh/ssh_host_rsa_key debug1: key_parse_private2: missing begin marker debug1: key_parse_private_pem: PEM_read_PrivateKey failed debug1: read PEM private key done: type unknown Enter passphrase for key '/etc/ssh/ssh_host_rsa_key': The key should not have a password AFAIK -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/708493 Title: Can't login anymore: Read from socket failed: Connection reset by peer To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/openssh/+bug/708493/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 708493] Re: Can't login anymore: Read from socket failed: Connection reset by peer
Well, at least in my case, I found that all the sshd host keys were truncated. I'm guessing that the hard shutdown of the VM was the cause but I'm not 100% sure. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/708493 Title: Can't login anymore: Read from socket failed: Connection reset by peer To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/openssh/+bug/708493/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1073062] Re: modprobe: Assertion `kmod_module_get_initstate(m) == KMOD_MODULE_BUILTIN' failed
@andornaut makes sense. when mine worked, i was doing the manual sudo update-initramfs -u -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1073062 Title: modprobe: Assertion `kmod_module_get_initstate(m) == KMOD_MODULE_BUILTIN' failed To manage notifications about this bug go to: https://bugs.launchpad.net/fglrx/+bug/1073062/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1073062] Re: modprobe: Assertion `kmod_module_get_initstate(m) == KMOD_MODULE_BUILTIN' failed
@Ronni If you have Radeon cards, I'm curious as to why do you have a nvidia kernel module? Either way, I think the issue is caused by dkms' handling of alias off commands so it might be good to grep though that directory (modprobe.d) to find occurrences of it -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1073062 Title: modprobe: Assertion `kmod_module_get_initstate(m) == KMOD_MODULE_BUILTIN' failed To manage notifications about this bug go to: https://bugs.launchpad.net/nvidia-drivers-ubuntu/+bug/1073062/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1073062] Re: modprobe: Assertion `kmod_module_get_initstate(m) == KMOD_MODULE_BUILTIN' failed
@Ronni after reading the full thread (my fault for not being diligent enough) you are correct and post 35 is what I found as well. The fix I mentioned got my machine hardware configuration in a working state to be able to use it but it definitively is not the permanent solution. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1073062 Title: modprobe: Assertion `kmod_module_get_initstate(m) == KMOD_MODULE_BUILTIN' failed To manage notifications about this bug go to: https://bugs.launchpad.net/nvidia-drivers-ubuntu/+bug/1073062/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1073062] Re: modprobe: Assertion `kmod_module_get_initstate(m) == KMOD_MODULE_BUILTIN' failed
Bug is related to nvidia video drivers; Commenting out: alias nouveau off alias lbm-nouveau off from /etc/modprobe.d/nvidia-304_hybrid.conf allowed the update-initramfs to complete ** Also affects: nvidia-drivers-ubuntu Importance: Undecided Status: New -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1073062 Title: modprobe: Assertion `kmod_module_get_initstate(m) == KMOD_MODULE_BUILTIN' failed To manage notifications about this bug go to: https://bugs.launchpad.net/nvidia-drivers-ubuntu/+bug/1073062/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 974260] Re: Screen brightness does not persist over reboots
On ubuntu-nexus7, I don't think this bug applies as the user reports are caused by /usr/bin/luxd dynamically setting the brightness based on the light sensor input. I'm adding more info to Nexus 7 bug report (https://bugs.launchpad.net/ubuntu-nexus7/+bug/1075473) -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/974260 Title: Screen brightness does not persist over reboots To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu-nexus7/+bug/974260/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
