[Bug 1608965] Re: ssh GSSAPI rekey failure

2017-01-17 Thread Launchpad Bug Tracker
This bug was fixed in the package openssh - 1:7.4p1-6

---
openssh (1:7.4p1-6) unstable; urgency=medium

  * Remove temporary file on exit from postinst (closes: #850275).
  * Remove LOGIN_PROGRAM and LOGIN_NO_ENDOPT definitions, since UseLogin is
gone.
  * Document sshd_config changes that may be needed following the removal of
protocol 1 support from sshd (closes: #851573).
  * Remove ssh_host_dsa_key from HostKey default (closes: #850614).
  * Fix rekeying failure with GSSAPI key exchange (thanks, Harald Barth;
closes: #819361, LP: #1608965).

 -- Colin Watson   Mon, 16 Jan 2017 15:11:10 +

** Changed in: openssh (Ubuntu)
   Status: Triaged => Fix Released

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1608965

Title:
  ssh GSSAPI rekey failure

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/openssh/+bug/1608965/+subscriptions

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs


[Bug 1608965] Re: ssh GSSAPI rekey failure

2017-01-16 Thread Colin Watson
I've applied this patch to Debian unstable (thanks!), so it'll be in
Ubuntu 17.04.  I'd be happy to help somebody issue stable updates for
16.04 and 16.10, but am unlikely to have time to do that myself.

** Also affects: openssh (Ubuntu Yakkety)
   Importance: Undecided
   Status: New

** Also affects: openssh (Ubuntu Xenial)
   Importance: Undecided
   Status: New

** Changed in: openssh (Ubuntu Xenial)
   Status: New => Triaged

** Changed in: openssh (Ubuntu Xenial)
   Importance: Undecided => Medium

** Changed in: openssh (Ubuntu Yakkety)
   Status: New => Triaged

** Changed in: openssh (Ubuntu Yakkety)
   Importance: Undecided => Medium

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1608965

Title:
  ssh GSSAPI rekey failure

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/openssh/+bug/1608965/+subscriptions

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs


[Bug 1608965] Re: ssh GSSAPI rekey failure

2017-01-11 Thread Harald
> It does not seem to honor "ReKeyLimit 0G 1H" in my case.

Have you tried "RekeyLimit 0" on _both_ ends?

Harald.

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1608965

Title:
  ssh GSSAPI rekey failure

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/openssh/+bug/1608965/+subscriptions

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs


[Bug 1608965] Re: ssh GSSAPI rekey failure

2017-01-11 Thread Harald
I submitted a patch. See https://bugs.debian.org/cgi-
bin/bugreport.cgi?bug=819361

Patch inline:
-
--- sshconnect2.c.orig  2017-01-04 19:47:10.0 +0100
+++ sshconnect2.c   2017-01-05 04:13:08.977425272 +0100
@@ -222,7 +222,6 @@
orig = myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS];
xasprintf([PROPOSAL_SERVER_HOST_KEY_ALGS],
"%s,null", orig);
-   free(gss);
}
}
 #endif
@@ -273,6 +272,16 @@
/* remove ext-info from the KEX proposals for rekeying */
myproposal[PROPOSAL_KEX_ALGS] =
compat_kex_proposal(options.kex_algorithms);
+#ifdef GSSAPI
+   /* repair myproposal after it was crumpled by the */
+   /* ext-info removal above */
+   if (gss) {
+   orig = myproposal[PROPOSAL_KEX_ALGS];
+   xasprintf([PROPOSAL_KEX_ALGS],
+ "%s,%s", gss, orig);
+   free(gss);
+   }
+#endif
if ((r = kex_prop2buf(kex->my, myproposal)) != 0)
fatal("kex_prop2buf: %s", ssh_err(r));

-
This patch should be merged with gssapi.patch (for obvious reasons).

Harald.

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1608965

Title:
  ssh GSSAPI rekey failure

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/openssh/+bug/1608965/+subscriptions

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs


[Bug 1608965] Re: ssh GSSAPI rekey failure

2016-11-28 Thread Robie Basak
> Any news on handling this bug?

Sorry, this is deep in the backlog and I don't expect Ubuntu developers
to look into this any time soon on a volunteer basis.

I suggest that you try the latest upstream openssh release, and if it is
still an issue there, then raise the bug upstream if it hasn't been
reported already.

If it is fixed in the latest upstream release, then if you could
identify the fix then we can do something about it in Ubuntu.

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1608965

Title:
  ssh GSSAPI rekey failure

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/openssh/+bug/1608965/+subscriptions

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs


[Bug 1608965] Re: ssh GSSAPI rekey failure

2016-11-21 Thread Rene Jensen
Still a problem the rekeying on 16.04 using openssh 7.2p2-4. Tried to
install 7.3p1-1 on a 16.04 exact same problem. Scp and sftp stalls at
aroung 1G when rekeying and setting RekeyLimit in either ssh_config or
.ssh/config does not have any affect on rekeying.

Any news on handling this bug?

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1608965

Title:
  ssh GSSAPI rekey failure

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/openssh/+bug/1608965/+subscriptions

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs


[Bug 1608965] Re: ssh GSSAPI rekey failure

2016-10-17 Thread Nish Aravamudan
I believe this was also reported to Debian as https://bugs.debian.org
/cgi-bin/bugreport.cgi?bug=819361. Thank you for filing this report! We
might need to follow-up with the upstream openssh community to help
debug this.

** Bug watch added: Debian Bug tracker #819361
   http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=819361

** Changed in: openssh (Ubuntu)
   Status: Confirmed => Triaged

** Changed in: openssh (Ubuntu)
   Importance: Undecided => Medium

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1608965

Title:
  ssh GSSAPI rekey failure

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/openssh/+bug/1608965/+subscriptions

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs


[Bug 1608965] Re: ssh GSSAPI rekey failure

2016-10-14 Thread Björn Ramberg
+1 on this and see the exact same. Also its still seen in the 16.04
openssh-client 1:7.2p2-4ubuntu2.1. Any valid workarounds on this?

It does not seem to honor "ReKeyLimit 0G 1H" in my case.

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1608965

Title:
  ssh GSSAPI rekey failure

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/openssh/+bug/1608965/+subscriptions

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs


[Bug 1608965] Re: ssh GSSAPI rekey failure

2016-10-14 Thread Launchpad Bug Tracker
Status changed to 'Confirmed' because the bug affects multiple users.

** Changed in: openssh (Ubuntu)
   Status: New => Confirmed

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1608965

Title:
  ssh GSSAPI rekey failure

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/openssh/+bug/1608965/+subscriptions

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs