[Bug 420813] [NEW] ssh blacklisting of private keys 9.04_64
rlopez
rlopez at cnm.edu
Fri Aug 28 23:51:09 BST 2009
Public bug reported:
Similar to: 328127, 328445 348126
Three servers were installed using the same script to configure them
after installing 9.04_64. In all ways they function identically except
one of them is blacklisting some keys of some systems administrators. We
all have had our keys for quite some time and these three systems are
among hundreds of RHEL and Solaris servers where all the keys are
working just fine.
The three servers are all HP ProLiant DL360 G5.
# dpkg -S /usr/sbin/sshd
openssh-server: /usr/sbin/sshd
# lsb_release -rd
Description: Ubuntu 9.04
Release: 9.04
# apt-cache policy openssh-server
openssh-server:
Installed: 1:5.1p1-5ubuntu1
Candidate: 1:5.1p1-5ubuntu1
Version table:
*** 1:5.1p1-5ubuntu1 0
500 http://us.archive.ubuntu.com jaunty/main Packages
100 /var/lib/dpkg/status
ssh-vulnkey -a lists the failing keys as blacklisted. Debugging confirms
the keys are examined and not used.
Generating a new key on a Dell Optiplex GX620 results running 9.04
results NOT blacklisting, but login fails with a failure to sign key
message and password option is not made available. Adding the old key
back to authorized keys results in immediate blacklisting again.
Keys from non-Ubuntu systems have no problems. Only keys from Ubuntu
(several recent versions) have been blacklisted.
There is no seahorse involved.
** Affects: openssh (Ubuntu)
Importance: Undecided
Status: New
--
ssh blacklisting of private keys 9.04_64
https://bugs.launchpad.net/bugs/420813
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to openssh in ubuntu.
More information about the Ubuntu-server-bugs
mailing list