Re: openssh remote upgrade procedure?
On Tue, 20 May 2008 20:45:20 +0100
"Alexandros Papadopoulos" <firstname.lastname@example.org> wrote:
> 3. Testing to see if you can still get on to a server is exactly what
> I would have done, if my connection had not been killed by the server
> itself a few seconds after upgrading the packages. This happened on
> two servers running different versions of debian (etch & lenny).
This is not normal. I have upgraded two of my servers where I have also
only SSH access, and I didn't experience any breakage of the
connection. Since you have experienced this on both an etch and a lenny
machine, something points in the direction of, that you have done
something wrong, perhaps with you initial setup.
> 4. So I did get bitten by "this" - whatever that is. Now how do I fix
> it? I have employed local staff to relax the restrictions of
> sshd_config and restart the daemon, with absolutely no change in
So at this point you cannot gain access on the machine at all using
SSH, but you have a local staff with access. Make them purge (not just
delete) the openssh-server, and re-install it.
> a) How/why were my active connections to the server killed right after
> upgrading and
Almost impossible to know since so far you are the only one reporting
> b) Why I am not allowed access now that I try to utilise the simplest
> of all, keyboard interactive authentication. I'd suspect breakage
> between the new openssh daemon and the authentication mechanisms (PAM,
> GSSAPI, you-name-it), but on two different distributions
Perhaps, but a purge would solve the problem then.
> I'd appreciate any helpful comment both for my case and for the
> benefit of anyone else who gets "bit" by what has historically been a
> quite safe and painless procedure: updating a Debian system.
I hope you find the solution quickly.
> To UNSUBSCRIBE, email to debian-security-REQUEST@lists.debian.org
> with a subject of "unsubscribe". Trouble? Contact
Med venlig hilsen/Best regards
Kim N. Lesmer
Web : www.bitflop.com
E-mail : email@example.com