Bug#1006463: marked as done (openssh-server: Can't login on any 32-bit box anymore after the server-side has been upgraded to 8.9p1: "debug1: expecting SSH2_MSG_KEX_ECDH_REPLY")

To: Colin Watson <cjwatson@debian.org>
Subject: Bug#1006463: marked as done (openssh-server: Can't login on any 32-bit box anymore after the server-side has been upgraded to 8.9p1: "debug1: expecting SSH2_MSG_KEX_ECDH_REPLY")
From: "Debian Bug Tracking System" <owner@bugs.debian.org>
Date: Fri, 25 Feb 2022 23:51:04 +0000
Message-id: <[🔎] handler.1006463.D1006445.164583295413086.ackdone@bugs.debian.org>
Reply-to: 1006463@bugs.debian.org
References: <E1nNkKl-000D8n-L4@fasolo.debian.org> <[🔎] 87zgmewuk8.fsf@c6.deuxchevaux.org>

Your message dated Fri, 25 Feb 2022 23:49:11 +0000
with message-id <E1nNkKl-000D8n-L4@fasolo.debian.org>
and subject line Bug#1006445: fixed in openssh 1:8.9p1-3
has caused the Debian Bug report #1006445,
regarding openssh-server: Can't login on any 32-bit box anymore after the server-side has been upgraded to 8.9p1: "debug1: expecting SSH2_MSG_KEX_ECDH_REPLY"
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact owner@bugs.debian.org
immediately.)


-- 
1006445: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1006445
Debian Bug Tracking System
Contact owner@bugs.debian.org with problems

--- Begin Message ---

To: Debian Bug Tracking System <submit@bugs.debian.org>
Subject: openssh-client: Can't login on two i386 boxes anymore since the server-side has been upgraded to 8.9p1: "debug1: expecting SSH2_MSG_KEX_ECDH_REPLY"
From: Axel Beckert <abe@debian.org>
Date: Fri, 25 Feb 2022 21:38:31 +0100
Message-id: <[🔎] 87zgmewuk8.fsf@c6.deuxchevaux.org>

Package: openssh-server
Version: 1:8.9p1-2
Severity: grave

Hi,

TL;DR: OpenSSH clients (at least 8.8 and 8.9) can't talk with OpenSSH
8.9 servers in some cases (common property so far: if and only if it's
i386 on the server-side), but 8.9 clients can talk with 8.8 servers in
the same cases (i.e. i386 on the server-side) after downgrading the
server-side. i386 OpenSSH clients can't talk to i386 8.9 servers either.

Full details:

Since I've upgraded my Debian Unstable boxes to 1:8.9p1-2, I can't login
from my desktop (Sid amd64) to at least two hosts (both Sid i386)
anymore:

~ → ssh -v 192.168.1.179
OpenSSH_8.9p1 Debian-2, OpenSSL 1.1.1m  14 Dec 2021
debug1: Reading configuration data /home/abe/.ssh/config
debug1: /home/abe/.ssh/config line 1: Applying options for *
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: /etc/ssh/ssh_config line 19: include /etc/ssh/ssh_config.d/*.conf matched no files
debug1: /etc/ssh/ssh_config line 21: Applying options for *
debug1: Connecting to 192.168.1.179 [192.168.1.179] port 22.
debug1: Connection established.
debug1: identity file /home/abe/.ssh/id_rsa type 0
debug1: identity file /home/abe/.ssh/id_rsa-cert type -1
debug1: identity file /home/abe/.ssh/id_ecdsa type 2
debug1: identity file /home/abe/.ssh/id_ecdsa-cert type -1
debug1: identity file /home/abe/.ssh/id_ecdsa_sk type -1
debug1: identity file /home/abe/.ssh/id_ecdsa_sk-cert type -1
debug1: identity file /home/abe/.ssh/id_ed25519 type 3
debug1: identity file /home/abe/.ssh/id_ed25519-cert type -1
debug1: identity file /home/abe/.ssh/id_ed25519_sk type -1
debug1: identity file /home/abe/.ssh/id_ed25519_sk-cert type -1
debug1: identity file /home/abe/.ssh/id_xmss type -1
debug1: identity file /home/abe/.ssh/id_xmss-cert type -1
debug1: identity file /home/abe/.ssh/id_dsa type -1
debug1: identity file /home/abe/.ssh/id_dsa-cert type -1
debug1: Local version string SSH-2.0-OpenSSH_8.9p1 Debian-2
debug1: Remote protocol version 2.0, remote software version OpenSSH_8.9p1 Debian-2
debug1: compat_banner: match: OpenSSH_8.9p1 Debian-2 pat OpenSSH* compat 0x04000000
debug1: Authenticating to 192.168.1.179:22 as 'abe'
debug1: load_hostkeys: fopen /etc/ssh/ssh_known_hosts2: No such file or directory
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: algorithm: curve25519-sha256
debug1: kex: host key algorithm: ecdsa-sha2-nistp256
debug1: kex: server->client cipher: chacha20-poly1305@openssh.com MAC: <implicit> compression: none
debug1: kex: client->server cipher: chacha20-poly1305@openssh.com MAC: <implicit> compression: none
debug1: expecting SSH2_MSG_KEX_ECDH_REPLY
Connection reset by 192.168.1.179 port 22

~ → ssh -v 192.168.1.108
OpenSSH_8.9p1 Debian-2, OpenSSL 1.1.1m  14 Dec 2021
debug1: Reading configuration data /home/abe/.ssh/config
debug1: /home/abe/.ssh/config line 1: Applying options for *
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: /etc/ssh/ssh_config line 19: include /etc/ssh/ssh_config.d/*.conf matched no files
debug1: /etc/ssh/ssh_config line 21: Applying options for *
debug1: Connecting to 192.168.1.108 [192.168.1.108] port 22.
debug1: Connection established.
debug1: identity file /home/abe/.ssh/id_rsa type 0
debug1: identity file /home/abe/.ssh/id_rsa-cert type -1
debug1: identity file /home/abe/.ssh/id_ecdsa type 2
debug1: identity file /home/abe/.ssh/id_ecdsa-cert type -1
debug1: identity file /home/abe/.ssh/id_ecdsa_sk type -1
debug1: identity file /home/abe/.ssh/id_ecdsa_sk-cert type -1
debug1: identity file /home/abe/.ssh/id_ed25519 type 3
debug1: identity file /home/abe/.ssh/id_ed25519-cert type -1
debug1: identity file /home/abe/.ssh/id_ed25519_sk type -1
debug1: identity file /home/abe/.ssh/id_ed25519_sk-cert type -1
debug1: identity file /home/abe/.ssh/id_xmss type -1
debug1: identity file /home/abe/.ssh/id_xmss-cert type -1
debug1: identity file /home/abe/.ssh/id_dsa type -1
debug1: identity file /home/abe/.ssh/id_dsa-cert type -1
debug1: Local version string SSH-2.0-OpenSSH_8.9p1 Debian-2
debug1: Remote protocol version 2.0, remote software version OpenSSH_8.9p1 Debian-2
debug1: compat_banner: match: OpenSSH_8.9p1 Debian-2 pat OpenSSH* compat 0x04000000
debug1: Authenticating to 192.168.1.108:22 as 'abe'
debug1: load_hostkeys: fopen /etc/ssh/ssh_known_hosts2: No such file or directory
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: algorithm: curve25519-sha256
debug1: kex: host key algorithm: rsa-sha2-512
debug1: kex: server->client cipher: chacha20-poly1305@openssh.com MAC: <implicit> compression: none
debug1: kex: client->server cipher: chacha20-poly1305@openssh.com MAC: <implicit> compression: none
debug1: expecting SSH2_MSG_KEX_ECDH_REPLY
ssh_dispatch_run_fatal: Connection to 192.168.1.108 port 22: Broken pipe

I though still can login on an Sid amd64 running VM:

~ → ssh -v 192.0.2.21
OpenSSH_8.9p1 Debian-2, OpenSSL 1.1.1m  14 Dec 2021
debug1: Reading configuration data /home/abe/.ssh/config
debug1: /home/abe/.ssh/config line 1: Applying options for *
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: /etc/ssh/ssh_config line 19: include /etc/ssh/ssh_config.d/*.conf matched no files
debug1: /etc/ssh/ssh_config line 21: Applying options for *
debug1: Connecting to 192.0.2.21 [192.0.2.21] port 22.
debug1: Connection established.
debug1: identity file /home/abe/.ssh/id_rsa type 0
debug1: identity file /home/abe/.ssh/id_rsa-cert type -1
debug1: identity file /home/abe/.ssh/id_ecdsa type 2
debug1: identity file /home/abe/.ssh/id_ecdsa-cert type -1
debug1: identity file /home/abe/.ssh/id_ecdsa_sk type -1
debug1: identity file /home/abe/.ssh/id_ecdsa_sk-cert type -1
debug1: identity file /home/abe/.ssh/id_ed25519 type 3
debug1: identity file /home/abe/.ssh/id_ed25519-cert type -1
debug1: identity file /home/abe/.ssh/id_ed25519_sk type -1
debug1: identity file /home/abe/.ssh/id_ed25519_sk-cert type -1
debug1: identity file /home/abe/.ssh/id_xmss type -1
debug1: identity file /home/abe/.ssh/id_xmss-cert type -1
debug1: identity file /home/abe/.ssh/id_dsa type -1
debug1: identity file /home/abe/.ssh/id_dsa-cert type -1
debug1: Local version string SSH-2.0-OpenSSH_8.9p1 Debian-2
debug1: Remote protocol version 2.0, remote software version OpenSSH_8.9p1 Debian-2
debug1: compat_banner: match: OpenSSH_8.9p1 Debian-2 pat OpenSSH* compat 0x04000000
debug1: Authenticating to 192.0.2.21:22 as 'abe'
debug1: load_hostkeys: fopen /etc/ssh/ssh_known_hosts2: No such file or directory
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: algorithm: curve25519-sha256
debug1: kex: host key algorithm: rsa-sha2-512
debug1: kex: server->client cipher: chacha20-poly1305@openssh.com MAC: <implicit> compression: none
debug1: kex: client->server cipher: chacha20-poly1305@openssh.com MAC: <implicit> compression: none
debug1: expecting SSH2_MSG_KEX_ECDH_REPLY
debug1: SSH2_MSG_KEX_ECDH_REPLY received
debug1: Server host key: ssh-rsa SHA256:8H…
debug1: load_hostkeys: fopen /etc/ssh/ssh_known_hosts2: No such file or directory
debug1: Host '192.0.2.21' is known and matches the RSA host key.
debug1: Found key in /home/abe/.ssh/known_hosts:370
debug1: rekey out after 134217728 blocks
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: rekey in after 134217728 blocks
debug1: get_agent_identities: agent returned 6 keys
debug1: Will attempt key: /home/abe/.ssh/id_rsa RSA SHA256:AO… agent
debug1: Will attempt key: /home/abe/.ssh/id_ecdsa ECDSA SHA256:n0… agent
debug1: Will attempt key: /home/abe/.ssh/id_ed25519 ED25519 SHA256:HV… agent
debug1: Will attempt key: /home/abe/.ssh/id_rsa RSA SHA256:nS… agent
debug1: Will attempt key: /home/abe/.ssh/id_ecdsa ECDSA SHA256:kC… agent
debug1: Will attempt key: abe@emehari ED25519 SHA256:En… agent
debug1: Will attempt key: /home/abe/.ssh/id_ecdsa_sk
debug1: Will attempt key: /home/abe/.ssh/id_ed25519_sk
debug1: Will attempt key: /home/abe/.ssh/id_xmss
debug1: Will attempt key: /home/abe/.ssh/id_dsa
debug1: SSH2_MSG_EXT_INFO received
debug1: kex_input_ext_info: server-sig-algs=<ssh-ed25519,sk-ssh-ed25519@openssh.com,ssh-rsa,rsa-sha2-256,rsa-sha2-512,ssh-dss,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,sk-ecdsa-sha2-nistp256@openssh.com,webauthn-sk-ecdsa-sha2-nistp256@openssh.com>
debug1: kex_input_ext_info: publickey-hostbound@openssh.com=<0>
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: publickey
debug1: Next authentication method: publickey
debug1: Offering public key: /home/abe/.ssh/id_rsa RSA SHA256:AO… agent
debug1: Server accepts key: /home/abe/.ssh/id_rsa RSA SHA256:AO… agent
Authenticated to 192.0.2.21 ([192.0.2.21]:22) using "publickey".
debug1: channel 0: new [client-session]
debug1: Requesting no-more-sessions@openssh.com
debug1: Entering interactive session.
debug1: pledge: filesystem
debug1: client_input_global_request: rtype hostkeys-00@openssh.com want_reply 0
debug1: client_input_hostkeys: searching /home/abe/.ssh/known_hosts for 192.0.2.21 / (none)
debug1: client_input_hostkeys: searching /home/abe/.ssh/known_hosts2 for 192.0.2.21 / (none)
debug1: client_input_hostkeys: host key found matching a different name/address, skipping UserKnownHostsFile update
debug1: Remote: /home/abe/.ssh/authorized_keys:26: key options: agent-forwarding port-forwarding pty user-rc x11-forwarding
debug1: Remote: /home/abe/.ssh/authorized_keys:26: key options: agent-forwarding port-forwarding pty user-rc x11-forwarding
debug1: Sending environment.
debug1: channel 0: setting env LANG = "C.UTF-8"
debug1: channel 0: setting env TERM = "xterm-256color"
debug1: channel 0: setting env GIT_EDITOR = "zile"
debug1: channel 0: setting env GIT_COMMITTER_NAME = "Axel Beckert"
debug1: channel 0: setting env GIT_AUTHOR_NAME = "Axel Beckert"
debug1: channel 0: setting env GIT_COMMITTER_EMAIL = "abe@d….org"
debug1: channel 0: setting env GIT_AUTHOR_EMAIL = "abe@….org"
Linux example 5.16.0-1-amd64 #1 SMP PREEMPT Debian 5.16.7-2 (2022-02-09) x86_64
[…]

Downgrading the openssh-server on the server-side (and hence all other
openssh-built packages on the server-side as well) resolves the issue:

~ → ssh -v 192.168.1.179
OpenSSH_8.9p1 Debian-2, OpenSSL 1.1.1m  14 Dec 2021
debug1: Reading configuration data /home/abe/.ssh/config
debug1: /home/abe/.ssh/config line 1: Applying options for *
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: /etc/ssh/ssh_config line 19: include /etc/ssh/ssh_config.d/*.conf matched no files
debug1: /etc/ssh/ssh_config line 21: Applying options for *
debug1: Connecting to 192.168.1.179 [192.168.1.179] port 22.
debug1: Connection established.
debug1: identity file /home/abe/.ssh/id_rsa type 0
debug1: identity file /home/abe/.ssh/id_rsa-cert type -1
debug1: identity file /home/abe/.ssh/id_ecdsa type 2
debug1: identity file /home/abe/.ssh/id_ecdsa-cert type -1
debug1: identity file /home/abe/.ssh/id_ecdsa_sk type -1
debug1: identity file /home/abe/.ssh/id_ecdsa_sk-cert type -1
debug1: identity file /home/abe/.ssh/id_ed25519 type 3
debug1: identity file /home/abe/.ssh/id_ed25519-cert type -1
debug1: identity file /home/abe/.ssh/id_ed25519_sk type -1
debug1: identity file /home/abe/.ssh/id_ed25519_sk-cert type -1
debug1: identity file /home/abe/.ssh/id_xmss type -1
debug1: identity file /home/abe/.ssh/id_xmss-cert type -1
debug1: identity file /home/abe/.ssh/id_dsa type -1
debug1: identity file /home/abe/.ssh/id_dsa-cert type -1
debug1: Local version string SSH-2.0-OpenSSH_8.9p1 Debian-2
debug1: Remote protocol version 2.0, remote software version OpenSSH_8.8p1 Debian-1
debug1: compat_banner: match: OpenSSH_8.8p1 Debian-1 pat OpenSSH* compat 0x04000000
debug1: Authenticating to 192.168.1.179:22 as 'abe'
debug1: load_hostkeys: fopen /etc/ssh/ssh_known_hosts2: No such file or directory
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: algorithm: curve25519-sha256
debug1: kex: host key algorithm: ecdsa-sha2-nistp256
debug1: kex: server->client cipher: chacha20-poly1305@openssh.com MAC: <implicit> compression: none
debug1: kex: client->server cipher: chacha20-poly1305@openssh.com MAC: <implicit> compression: none
debug1: expecting SSH2_MSG_KEX_ECDH_REPLY
debug1: SSH2_MSG_KEX_ECDH_REPLY received
debug1: Server host key: ecdsa-sha2-nistp256 SHA256:sX…
debug1: load_hostkeys: fopen /etc/ssh/ssh_known_hosts2: No such file or directory
debug1: Host '192.168.1.179' is known and matches the ECDSA host key.
debug1: Found key in /home/abe/.ssh/known_hosts:472
debug1: rekey out after 134217728 blocks
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: rekey in after 134217728 blocks
debug1: get_agent_identities: agent returned 6 keys
debug1: Will attempt key: /home/abe/.ssh/id_rsa RSA SHA256:AO… agent
debug1: Will attempt key: /home/abe/.ssh/id_ecdsa ECDSA SHA256:n0… agent
debug1: Will attempt key: /home/abe/.ssh/id_ed25519 ED25519 SHA256:HV… agent
debug1: Will attempt key: /home/abe/.ssh/id_rsa RSA SHA256:nS… agent
debug1: Will attempt key: /home/abe/.ssh/id_ecdsa ECDSA SHA256:kC… agent
debug1: Will attempt key: abe@emehari ED25519 SHA256:En… agent
debug1: Will attempt key: /home/abe/.ssh/id_ecdsa_sk
debug1: Will attempt key: /home/abe/.ssh/id_ed25519_sk
debug1: Will attempt key: /home/abe/.ssh/id_xmss
debug1: Will attempt key: /home/abe/.ssh/id_dsa
debug1: SSH2_MSG_EXT_INFO received
debug1: kex_input_ext_info: server-sig-algs=<ssh-ed25519,sk-ssh-ed25519@openssh.com,ssh-rsa,rsa-sha2-256,rsa-sha2-512,ssh-dss,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,sk-ecdsa-sha2-nistp256@openssh.com,webauthn-sk-ecdsa-sha2-nistp256@openssh.com>
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: publickey
debug1: Next authentication method: publickey
debug1: Offering public key: /home/abe/.ssh/id_rsa RSA SHA256:AO… agent
debug1: Server accepts key: /home/abe/.ssh/id_rsa RSA SHA256:AO… agent
Authenticated to 192.168.1.179 ([192.168.1.179]:22) using "publickey".
debug1: channel 0: new [client-session]
debug1: Requesting no-more-sessions@openssh.com
debug1: Entering interactive session.
debug1: pledge: filesystem
debug1: client_input_global_request: rtype hostkeys-00@openssh.com want_reply 0
debug1: client_input_hostkeys: searching /home/abe/.ssh/known_hosts for 192.168.1.179 / (none)
debug1: client_input_hostkeys: searching /home/abe/.ssh/known_hosts2 for 192.168.1.179 / (none)
debug1: client_input_hostkeys: no new or deprecated keys from server
debug1: Remote: /home/abe/.ssh/authorized_keys:12: key options: agent-forwarding port-forwarding pty user-rc x11-forwarding
debug1: Remote: /home/abe/.ssh/authorized_keys:12: key options: agent-forwarding port-forwarding pty user-rc x11-forwarding
debug1: Sending environment.
debug1: channel 0: setting env LANG = "C.UTF-8"
debug1: channel 0: setting env TERM = "xterm-256color"
debug1: channel 0: setting env GIT_EDITOR = "zile"
debug1: channel 0: setting env GIT_COMMITTER_NAME = "Axel Beckert"
debug1: channel 0: setting env GIT_AUTHOR_NAME = "Axel Beckert"
debug1: channel 0: setting env GIT_COMMITTER_EMAIL = "abe@….org"
debug1: channel 0: setting env GIT_AUTHOR_EMAIL = "abe@….org"
Linux example2 5.15.0-3-686-pae #1 SMP Debian 5.15.15-1 (2022-01-18) i686
[…]

And just to cross-check the other way round, here's a try connecting
with the 8.8 client to one of the issues having 8.9 clients:

~ → ssh -v 192.168.1.108
OpenSSH_8.8p1 Debian-1, OpenSSL 1.1.1m  14 Dec 2021
debug1: Reading configuration data /home/abe/.ssh/config
debug1: /home/abe/.ssh/config line 1: Applying options for *
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: /etc/ssh/ssh_config line 19: include /etc/ssh/ssh_config.d/*.conf matched no files
debug1: /etc/ssh/ssh_config line 21: Applying options for *
debug1: Connecting to 192.168.1.108 [192.168.1.108] port 22.
debug1: Connection established.
debug1: identity file /home/abe/.ssh/id_rsa type 0
debug1: identity file /home/abe/.ssh/id_rsa-cert type -1
debug1: identity file /home/abe/.ssh/id_dsa type -1
debug1: identity file /home/abe/.ssh/id_dsa-cert type -1
debug1: identity file /home/abe/.ssh/id_ecdsa type 2
debug1: identity file /home/abe/.ssh/id_ecdsa-cert type -1
debug1: identity file /home/abe/.ssh/id_ecdsa_sk type -1
debug1: identity file /home/abe/.ssh/id_ecdsa_sk-cert type -1
debug1: identity file /home/abe/.ssh/id_ed25519 type 3
debug1: identity file /home/abe/.ssh/id_ed25519-cert type -1
debug1: identity file /home/abe/.ssh/id_ed25519_sk type -1
debug1: identity file /home/abe/.ssh/id_ed25519_sk-cert type -1
debug1: identity file /home/abe/.ssh/id_xmss type -1
debug1: identity file /home/abe/.ssh/id_xmss-cert type -1
debug1: Local version string SSH-2.0-OpenSSH_8.8p1 Debian-1
debug1: Remote protocol version 2.0, remote software version OpenSSH_8.9p1 Debian-2
debug1: compat_banner: match: OpenSSH_8.9p1 Debian-2 pat OpenSSH* compat 0x04000000
debug1: Authenticating to 192.168.1.108:22 as 'abe'
debug1: load_hostkeys: fopen /etc/ssh/ssh_known_hosts2: No such file or directory
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: algorithm: curve25519-sha256
debug1: kex: host key algorithm: rsa-sha2-512
debug1: kex: server->client cipher: chacha20-poly1305@openssh.com MAC: <implicit> compression: none
debug1: kex: client->server cipher: chacha20-poly1305@openssh.com MAC: <implicit> compression: none
debug1: expecting SSH2_MSG_KEX_ECDH_REPLY
Connection reset by 192.168.1.108 port 22

So the issue is clearly on the server-side. And so far I only ran into
it with OpenSSH 8.9 on i386 on the server-side and all my (two) i386 Sid
boxes are affected.

Even connecting from one of them (the one I downgraded already to 8.8)
to the other one (i.e. i386 8.8 client to i386 8.9 server) fails:

~ → ssh -v 192.168.1.108
OpenSSH_8.8p1 Debian-1, OpenSSL 1.1.1m  14 Dec 2021
debug1: Reading configuration data /home/abe/.ssh/config
debug1: /home/abe/.ssh/config line 123: Applying options for *
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: /etc/ssh/ssh_config line 19: include /etc/ssh/ssh_config.d/*.conf matched no files
debug1: /etc/ssh/ssh_config line 21: Applying options for *
debug1: Connecting to 192.168.1.108 [192.168.1.108] port 22.
debug1: Connection established.
debug1: identity file /home/abe/.ssh/id_rsa type 0
debug1: identity file /home/abe/.ssh/id_rsa-cert type -1
debug1: identity file /home/abe/.ssh/id_dsa type 1
debug1: identity file /home/abe/.ssh/id_dsa-cert type -1
debug1: identity file /home/abe/.ssh/id_ecdsa type -1
debug1: identity file /home/abe/.ssh/id_ecdsa-cert type -1
debug1: identity file /home/abe/.ssh/id_ecdsa_sk type -1
debug1: identity file /home/abe/.ssh/id_ecdsa_sk-cert type -1
debug1: identity file /home/abe/.ssh/id_ed25519 type 3
debug1: identity file /home/abe/.ssh/id_ed25519-cert type -1
debug1: identity file /home/abe/.ssh/id_ed25519_sk type -1
debug1: identity file /home/abe/.ssh/id_ed25519_sk-cert type -1
debug1: identity file /home/abe/.ssh/id_xmss type -1
debug1: identity file /home/abe/.ssh/id_xmss-cert type -1
debug1: Local version string SSH-2.0-OpenSSH_8.8p1 Debian-1
debug1: Remote protocol version 2.0, remote software version OpenSSH_8.9p1 Debian-2
debug1: compat_banner: match: OpenSSH_8.9p1 Debian-2 pat OpenSSH* compat 0x04000000
debug1: Authenticating to 192.168.1.108:22 as 'abe'
debug1: load_hostkeys: fopen /etc/ssh/ssh_known_hosts2: No such file or directory
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: algorithm: curve25519-sha256
debug1: kex: host key algorithm: rsa-sha2-512
debug1: kex: server->client cipher: chacha20-poly1305@openssh.com MAC: <implicit> compression: none
debug1: kex: client->server cipher: chacha20-poly1305@openssh.com MAC: <implicit> compression: none
debug1: expecting SSH2_MSG_KEX_ECDH_REPLY
ssh_dispatch_run_fatal: Connection to 192.168.1.108 port 22: Broken pipe

Hint: Bug report written on the client side, i.e. on the amd64 box from
which I initially tried to connect to one of the i386 boxes.

Can dig up further details on the i386 boxes if wanted. Will though soon
downgrade the remaining one to 8.8 from Testing, too. Can also upgrade
to 8.9 again for some testing if needed.

-- System Information:
Debian Release: bookworm/sid
  APT prefers unstable
  APT policy: (990, 'unstable'), (600, 'testing'), (500, 'unstable-debug'), (500, 'buildd-unstable'), (110, 'experimental'), (1, 'experimental-debug'), (1, 'buildd-experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 5.16.0-1-amd64 (SMP w/4 CPU threads; PREEMPT)
Kernel taint flags: TAINT_CPU_OUT_OF_SPEC, TAINT_OOT_MODULE, TAINT_UNSIGNED_MODULE
Locale: LANG=C.UTF-8, LC_CTYPE=C.UTF-8 (charmap=UTF-8), LANGUAGE not set
Shell: /bin/sh linked to /bin/dash
Init: sysvinit (via /sbin/init)
LSM: AppArmor: enabled

Versions of packages openssh-client depends on:
ii  adduser           3.118
ii  dpkg              1.21.1
ii  libc6             2.33-7
ii  libedit2          3.1-20210910-1
ii  libfido2-1        1.10.0-1
ii  libgssapi-krb5-2  1.19.2-2
ii  libselinux1       3.3-1+b1
ii  libssl1.1         1.1.1m-1
ii  passwd            1:4.11.1+dfsg1-1
ii  zlib1g            1:1.2.11.dfsg-2

Versions of packages openssh-client recommends:
ii  xauth  1:1.1-1

Versions of packages openssh-client suggests:
pn  keychain                              <none>
ii  kwalletcli [ssh-askpass]              3.03-1
pn  libpam-ssh                            <none>
ii  lxqt-openssh-askpass [ssh-askpass]    0.16.0-1
ii  monkeysphere                          0.43-3.1
ii  ssh-askpass-fullscreen [ssh-askpass]  0.3-3.1+b3

-- no debconf information

--- End Message ---

--- Begin Message ---

To: 1006445-close@bugs.debian.org
Subject: Bug#1006445: fixed in openssh 1:8.9p1-3
From: Debian FTP Masters <ftpmaster@ftp-master.debian.org>
Date: Fri, 25 Feb 2022 23:49:11 +0000
Message-id: <E1nNkKl-000D8n-L4@fasolo.debian.org>
Reply-to: Colin Watson <cjwatson@debian.org>

Source: openssh
Source-Version: 1:8.9p1-3
Done: Colin Watson <cjwatson@debian.org>

We believe that the bug you reported is fixed in the latest version of
openssh, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 1006445@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Colin Watson <cjwatson@debian.org> (supplier of updated openssh package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@ftp-master.debian.org)


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Format: 1.8
Date: Fri, 25 Feb 2022 23:30:49 +0000
Source: openssh
Architecture: source
Version: 1:8.9p1-3
Distribution: unstable
Urgency: medium
Maintainer: Debian OpenSSH Maintainers <debian-ssh@lists.debian.org>
Changed-By: Colin Watson <cjwatson@debian.org>
Closes: 1006445
Changes:
 openssh (1:8.9p1-3) unstable; urgency=medium
 .
   * Allow ppoll_time64 in seccomp filter (closes: #1006445).
Checksums-Sha1:
 6bcada9d5d735eb6aaedd80b049078e4a0fb20b9 3347 openssh_8.9p1-3.dsc
 293975449fd17feac51d17ea297ee4dcc9fabe4b 187396 openssh_8.9p1-3.debian.tar.xz
Checksums-Sha256:
 a2a80fc6996b7515d78ba95a9af0bb2118c77c0c7667ec88800289cb3b37116a 3347 openssh_8.9p1-3.dsc
 622cf1c9ab5e804d39400d97ca2a57324c02773af0f27c60c20dcff22c82ca97 187396 openssh_8.9p1-3.debian.tar.xz
Files:
 c96150a1b2cfb8479b4742f0948e9d9a 3347 net standard openssh_8.9p1-3.dsc
 9d751b8e3262ebef8413ae311f8dd7d3 187396 net standard openssh_8.9p1-3.debian.tar.xz

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCAAdFiEErApP8SYRtvzPAcEROTWH2X2GUAsFAmIZZs8ACgkQOTWH2X2G
UAtJbg/+PhzuRz33ZtOoMtdBWzUe+2vS3uPV57+G6x94VX+G0TplHwiMrfAqJc9t
RHH85QqCBOe6qRN8emRUxOwm0MZsIUgStHcuvgqctkKzGT4RFucj3jc3B78G9SqS
WbIPqkHF2+755HAXgt+PWp9grvKVZ0ptrbRpoveeY6RSNXJqGtbqwmsCe31s6GXo
iLSxNlEkf+8vzlaV6fe4md/xYRFOZBBef63JtmY0geUODwWwVfMI3ExKHfdxnAZf
oaGMmZ5MqSatu/U6jhswGiNxgixsvo5E68dmtrCecyC0JzSlgYIXoWH3PUg5R6UT
lvvdjbJw9JJjuN2QfPZabWR+9RexW02ipTllhyD0s1N3fQNqhJBMiuQbwKa0BiQX
BACzCeSMhtow4KD53Me7OOcECAUy+i8wKgQ6egZ02xT2kFSO9+laoTFnEMeA1rtG
aan7Aj+7JspAzwSISqDkyMvXirmriTUrJf7PjyldQZuXVPFaq8Wzx5My95mTh9ad
nHXHIhl3TUCOzNQfzVa5jEvvcwdbE2h5zZs0bVgK8y6V8SYyyYwNJImMWPGK/uyU
/jMkt/KUTOafPntA7/4IfoyD90vMaehDH0Mk3feIk09eTIvpeLivV6m34NXpL3ax
z5g/TkrGAAlsj8aTJA2LsyPKu0jJSqQkN2qIoYDO+aGqA/I9uP0=
=zjET
-----END PGP SIGNATURE-----

--- End Message ---

Reply to:

References:
- Bug#1006463: openssh-client: Can't login on two i386 boxes anymore since the server-side has been upgraded to 8.9p1: "debug1: expecting SSH2_MSG_KEX_ECDH_REPLY"
  - From: Axel Beckert <abe@debian.org>

Prev by Date: Bug#1006445: marked as done (openssh-server: Killed by seccomp after accepting connection (i386))
Next by Date: Processing of openssh_8.9p1-3_source.changes
Previous by thread: Processed: Re: Bug#1006463: openssh-client: Can't login on two i386 boxes anymore since the server-side has been upgraded to 8.9p1: "debug1: expecting SSH2_MSG_KEX_ECDH_REPLY"
Next by thread: Processed: retitle 1006463 to openssh-server: Can't login on two i386 boxes anymore since the server-side has been upgraded to 8.9p1: "debug1: expecting SSH2_MSG_KEX_ECDH_REPLY"
Index(es):
- Date
- Thread