[Bug 1575961] Re: OpenSSH Client Certificate Auth Regression

Martin Pitt martin.pitt at ubuntu.com
Thu Apr 28 08:45:19 UTC 2016 

Hello Paul, or anyone else affected,

Accepted openssh into xenial-proposed. The package will build now and be
available at
https://launchpad.net/ubuntu/+source/openssh/1:7.2p2-4ubuntu1 in a few
hours, and then in the -proposed repository.

Please help us by testing this new package.  See
https://wiki.ubuntu.com/Testing/EnableProposed for documentation how to
enable and use -proposed.  Your feedback will aid us getting this update
out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug,
mentioning the version of the package you tested, and change the tag
from verification-needed to verification-done. If it does not fix the
bug for you, please add a comment stating that, and change the tag to
verification-failed.  In either case, details of your testing will help
us make a better decision.

Further information regarding the verification process can be found at
https://wiki.ubuntu.com/QATeam/PerformingSRUVerification .  Thank you in
advance!

** Changed in: openssh (Ubuntu Xenial)
       Status: In Progress => Fix Committed

** Tags added: verification-needed

-- 
You received this bug notification because you are a member of Ubuntu
Sponsors Team, which is subscribed to the bug report.
https://bugs.launchpad.net/bugs/1575961

Title:
  OpenSSH Client Certificate Auth Regression

Status in openssh package in Ubuntu:
  Fix Committed
Status in openssh source package in Xenial:
  Fix Committed

Bug description:
  OpenSSH Client Certificates worked in Ubuntu 15.10 and 14.04 LTS --
  but not 16.04.

  OpenSSH 7.2.p2 includes a bug in how it loads keys & certificates, and
  basically will never find the correct private key for an OpenSSH
  Client Certificate.

  This is the upstream bug:

  https://bugzilla.mindrot.org/show_bug.cgi?id=2550

  Fix was committed on March 14:

  https://github.com/openssh/openssh-
  portable/commit/c38905ba391434834da86abfc988a2b8b9b62477

  I've tested with the attached patch, and it allows Client Certificate
  auth to work at all.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/openssh/+bug/1575961/+subscriptions

More information about the Ubuntu-sponsors mailing list