[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Bug#491263: network-console, etch netinst, openssh

reassign 491263 debian-installer 20070308etch2

On Friday 18 July 2008, Mike Edwards wrote:
> A few issues relating to network-console on etch netinst 4.0r3:
> * Keys generated by network-console are found on the blacklist included
> with newer versions of openssh-server.
> * If network-console is used for a new installation, openssh-server is
> installed on the new system, but .broken keys are left lying around in
> /etc/ssh.
> * Likewise to above, the rsa host key (/etc/ssh/ssh_host_rsa_key.pub)
> is found to be on the blacklist, and appears that it may be the same
> rsa key used during installation via network-console.

That is correct. Thanks for alerting us to the issue.

For most architectures c.q. installation methods this will be fixed 
automatically with the next point release (coming very soon) as the fixed 
version of openssh will be included on the CD images.

What (I personally at least) had not realized yet is that that still 
leaves a few cases where network-console is included in the D-I initrds. 
This affects in particular s390, arm (iop32x/ixp4xx) and mipsel (cobalt).

Stable Release team:
Have fixed versions of openssh/openssl already been accepted into p-u?

If they have and given the above I propose to do a new upload of 
debian-installer to be included in 4.0r4. If all goes well, they should 
be built with time to spare for the planned schedule but we would need 
quick responses if there are issues.

Any objections against an upload? There would be no other changes.


Attachment: signature.asc
Description: This is a digitally signed message part.

Reply to: