Fix broken handling of first_kex_follows clients
Bug #1526357 reported by
Matt Johnston
This bug affects 1 person
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
openssh (Ubuntu) |
Fix Released
|
High
|
Colin Watson |
Bug Description
OpenSSH versions between 6.8 and 7.1 inclusive have a regression that breaks connections from clients that use SSH first_kex_follows feature. This affects connections from the Dropbear SSH client (dbclient), they fail with "bad hostkey signature" or similar. It may affect ssh.com clients too.
This has been fixed in upstream in the attached patch, it would be worthwhile including in Xenial if it's going to ship with the current OpenSSH 7.1. Upstream change 1.115 http://
https:/
description: | updated |
Changed in openssh (Ubuntu): | |
status: | New → Fix Committed |
assignee: | nobody → Colin Watson (cjwatson) |
importance: | Undecided → High |
To post a comment you must log in.
The attachment "From http:// cvsweb. openbsd. org/cgi- bin/cvsweb/ src/usr. bin/ssh/ kex.c.diff? r1=1.114& r2=1.115" seems to be a patch. If it isn't, please remove the "patch" flag from the attachment, remove the "patch" tag, and if you are a member of the ~ubuntu-reviewers, unsubscribe the team.
[This is an automated message performed by a Launchpad user owned by ~brian-murray, for any issues please contact him.]