Bug#312312: woody->sarge upgrade updates ssh_host_key, but not ssh_host_key.pub
Package: ssh
Version: 1:3.8.1p1-8.sarge.4
Severity: normal
*** Please type your report below this line ***
The title pretty much says it all. Apologes if I'm missing something,
but the upgrades I did during woody didn't remake the ssh_host_key.
Should this be happening when upgrading to the sarge version?
I didn't see this mentioned in a quick grep thru /usr/share/doc/ssh.
I upgraded from 1:3.4p1-1.woody.3 to 1:3.8.1p1-8.sarge.4 today,
and noticed a change.
ls -lt /etc/ssh/ssh_host*
-rw------- 1 root root 527 Jun 7 16:01 /etc/ssh/ssh_host_key
-rw------- 1 root root 668 Jul 9 2003 /etc/ssh/ssh_host_dsa_key
-rw-r--r-- 1 root root 602 Jul 9 2003 /etc/ssh/ssh_host_dsa_key.pub
-rw------- 1 root root 887 Jul 9 2003 /etc/ssh/ssh_host_rsa_key
-rw-r--r-- 1 root root 222 Jul 9 2003 /etc/ssh/ssh_host_rsa_key.pub
-rw-r--r-- 1 root root 331 Jul 9 2003 /etc/ssh/ssh_host_key.pub
I had backed up the old keys, for reference:
ls -lt /old/etc/ssh/ssh_host*
-rw------- 1 root root 527 Feb 2 2004 /old/etc/ssh/ssh_host_key
-rw------- 1 root root 668 Jul 9 2003 /old/etc/ssh/ssh_host_dsa_key
-rw-r--r-- 1 root root 602 Jul 9 2003 /old/etc/ssh/ssh_host_dsa_key.pub
-rw------- 1 root root 887 Jul 9 2003 /old/etc/ssh/ssh_host_rsa_key
-rw-r--r-- 1 root root 222 Jul 9 2003 /old/etc/ssh/ssh_host_rsa_key.pub
-rw-r--r-- 1 root root 331 Jul 9 2003 /old/etc/ssh/ssh_host_key.pub
md5sum /etc/ssh/ssh_host_key /old/etc/ssh/ssh_host_key
(just showing the first 4 bytes; but they differ all right)
5cd1XXXXXXXXXXXXXXXXXXXXXXXXXXXX /etc/ssh/ssh_host_key
7b8dXXXXXXXXXXXXXXXXXXXXXXXXXXXX /old/etc/ssh/ssh_host_key
I'll try another sarge upgrade to let you know if it's reproducible.
-- System Information:
Debian Release: 3.1
Architecture: i386 (i686)
Kernel: Linux 2.4.27-2-686
Locale: LANG=C, LC_CTYPE=C (charmap=ANSI_X3.4-1968)
Versions of packages ssh depends on:
ii adduser 3.63 Add and remove users and groups
ii debconf 1.4.30.13 Debian configuration management sy
ii dpkg 1.10.28 Package maintenance system for Deb
ii libc6 2.3.2.ds1-22 GNU C Library: Shared libraries an
ii libpam-modules 0.76-22 Pluggable Authentication Modules f
ii libpam-runtime 0.76-22 Runtime support for the PAM librar
ii libpam0g 0.76-22 Pluggable Authentication Modules l
ii libssl0.9.7 0.9.7e-3 SSL shared libraries
ii libwrap0 7.6.dbs-8 Wietse Venema's TCP wrappers libra
ii zlib1g 1:1.2.2-4 compression library - runtime
-- debconf information:
* ssh/privsep_tell:
ssh/insecure_rshd:
ssh/privsep_ask: true
ssh/ssh2_keys_merged:
* ssh/user_environment_tell:
* ssh/forward_warning:
ssh/insecure_telnetd:
ssh/new_config: true
* ssh/use_old_init_script: true
* ssh/protocol2_only: false
ssh/encrypted_host_key_but_no_keygen:
* ssh/run_sshd: true
* ssh/SUID_client: true
ssh/disable_cr_auth: false
Reply to: