
Bug#151743: marked as done (ssh: 3.4p1-2 fails to install saying "cipher_encrypt: bad plaintext length 337")



Your message dated Fri, 9 Sep 2005 15:28:39 +0100
with message-id <20050909142839.GE30913@riva.ucam.org>
and subject line "bad plaintext length" (was Re: Bug#151743: Can't verify this :( [was: ssh: 3.4p1-2 fails to install saying "cipher_encrypt: bad plaintext length 337"])
has caused the attached Bug report to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what I am
talking about this indicates a serious mail system misconfiguration
somewhere.  Please contact me immediately.)

Debian bug tracking system administrator
(administrator, Debian Bugs database)

--------------------------------------
Received: (at submit) by bugs.debian.org; 3 Jul 2002 03:16:52 +0000
From mbp@samba.org Tue Jul 02 22:16:52 2002
Return-path: <mbp@samba.org>
Received: from palrel13.hp.com [156.153.255.238] 
	by master.debian.org with esmtp (Exim 3.12 1 (Debian))
	id 17PadQ-00078J-00; Tue, 02 Jul 2002 22:16:52 -0500
Received: from hpausa5.aus.hp.com (hpausa5.aus.hp.com [15.23.66.135])
	by palrel13.hp.com (Postfix) with ESMTP
	id 5863E40096D; Tue,  2 Jul 2002 20:16:12 -0700 (PDT)
Received: from vexed.aus.hp.com (nevada.aus.hp.com [15.30.165.16]) by hpausa5.aus.hp.com with ESMTP (8.8.6 (PHNE_14041)/8.8.6 SMKit7.03) id NAA13010; Wed, 3 Jul 2002 13:16:05 +1000 (EST)
Received: from mbp by vexed.aus.hp.com with local (Exim 3.35 #1 (Debian))
	id 17Pac8-0006y2-00; Wed, 03 Jul 2002 11:15:32 +0800
Subject: ssh: 3.4p1-2 fails to install saying "cipher_encrypt: bad plaintext length 337"
From: "Martin Pool" <mbp@samba.org>
To: "Debian Bug Tracking System" <submit@bugs.debian.org>
X-Mailer: reportbug 1.99.43
Date: Wed, 03 Jul 2002 13:15:32 +1000
Message-Id: <E17Pac8-0006y2-00@vexed.aus.hp.com>
Sender: Martin Pool <mbp@vexed.ozlabs.hp.com>
Delivered-To: submit@bugs.debian.org

Package: ssh
Version: 1:3.4p1-2
Severity: grave
Justification: renders package unusable

When I try to install 3.4p1-2 via apt, I get this:

Reading Package Lists... Done
Building Dependency Tree... Done
Sorry, ssh is already the newest version.
0 packages upgraded, 0 newly installed, 0 to remove and 61  not upgraded.
2 packages not fully installed or removed.
Need to get 0B of archives. After unpacking 0B will be used.
Setting up ssh (3.4p1-2) ...
cipher_encrypt: bad plaintext length 337
dpkg: error processing ssh (--configure):
 subprocess post-installation script returned error exit status 1
dpkg: dependency problems prevent configuration of ssh-askpass-gnome:
 ssh-askpass-gnome depends on ssh (>= 1:1.2pre7-4); however:
  Package ssh is not configured yet.
dpkg: error processing ssh-askpass-gnome (--configure):
 dependency problems - leaving unconfigured
Errors were encountered while processing:
 ssh
 ssh-askpass-gnome
E: Sub-process /usr/bin/dpkg returned an error code (1)


Running strace on the post-installation script shows that the message
comes from execution of this command: 

execve("/usr/bin/ssh-keygen", ["ssh-keygen", "-p", "-N", "", "-f", "/etc/ssh/ssh_host_key"], [/* 44 vars */]) 

just after it tries to read /etc/ssh/ssh_host_key.  Running that
command from the command line reproduces the same error.

It seems that this command is called from check_idea_key() in
ssh.postinst.  

If I move the v1 host key out of the way, then postinst does not run
this command, and installation proceeds without error.

My SSH1 key was working perfectly well with previous versions
(unstable ~3 days ago) as far as I could tell.

It seems that this bug can leave ssh half-configured, which is
obviously a potentially severe problem for machines with only ssh
access.

I still have the keyfile in case you want it.  It identifies itself as
"SSH PRIVATE KEY FILE FORMAT 1.1".

Cheers,
-- 
Martin




-- System Information
Debian Release: 3.0
Architecture: i386
Kernel: Linux anomic 2.4.18 #55 Mon Apr 29 12:28:16 WST 2002 i686
Locale: LANG=C, LC_CTYPE=

Versions of packages ssh depends on:
ii  adduser                       3.47       Add and remove users and groups
ii  debconf                       1.1.14     Debian configuration management sy
ii  libc6                         2.2.5-7    GNU C Library: Shared libraries an
ii  libpam-modules                0.72-35    Pluggable Authentication Modules f
ii  libpam0g                      0.72-35    Pluggable Authentication Modules l
ii  libssl0.9.6                   0.9.6d-1   SSL shared libraries
ii  libwrap0                      7.6-9      Wietse Venema's TCP wrappers libra
ii  zlib1g                        1:1.1.4-1  compression library - runtime

-- debconf information:
* ssh/ssh2_keys_merged: 
  ssh/new_config: true
* ssh/rootlogin_warning: 
  ssh/insecure_rshd: 
* ssh/privsep_tell: 
* ssh/forward_warning: 
  ssh/ancient_version: 
  ssh/protocol2_only: true
* ssh/protocol2_default: 
* ssh/insecure_telnetd: 
* ssh/run_sshd: true
  ssh/encrypted_host_key_but_no_keygen: 
* ssh/use_old_init_script: true
* ssh/upgrade_to_openssh: true
* ssh/SUID_client: false
  ssh/privsep_ask: true


---------------------------------------
Received: (at 151743-done) by bugs.debian.org; 9 Sep 2005 14:28:42 +0000
From cjwatson@flatline.org.uk Fri Sep 09 07:28:42 2005
Return-path: <cjwatson@flatline.org.uk>
Received: from mail.metronet.co.uk [213.162.97.75] 
	by spohr.debian.org with esmtp (Exim 3.36 1 (Debian))
	id 1EDjru-0007Zh-00; Fri, 09 Sep 2005 07:28:42 -0700
Received: from riva.pelham.vpn.ucam.org (83-216-156-196.colinw664.adsl.metronet.co.uk [83.216.156.196])
	by smtp.metronet.co.uk (MetroNet Mail) with ESMTP
	id 8467640B71F; Fri,  9 Sep 2005 15:28:29 +0100 (BST)
Received: from cjwatson by riva.pelham.vpn.ucam.org with local (Exim 3.36 #1 (Debian))
	id 1EDjrr-0001oU-00; Fri, 09 Sep 2005 15:28:39 +0100
Date: Fri, 9 Sep 2005 15:28:39 +0100
From: Colin Watson <cjwatson@debian.org>
To: 151743-done@bugs.debian.org
Cc: Jonathan Amery <jdamery@chiark.greenend.org.uk>
Subject: Re: "bad plaintext length" (was Re: Bug#151743: Can't verify this :( [was: ssh: 3.4p1-2 fails to install saying "cipher_encrypt: bad plaintext length 337"])
Message-ID: <20050909142839.GE30913@riva.ucam.org>
References: <E17Q2wE-0002B1-00@chiark.greenend.org.uk> <20020708060912.GA2977@samba.org> <E17UGp4-0007cA-00@chiark.greenend.org.uk> <20021026183211.GA10244@riva.ucam.org> <20021120011112.GG25174@toey.sourcefrog.net>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <20021120011112.GG25174@toey.sourcefrog.net>
User-Agent: Mutt/1.5.9i
Delivered-To: 151743-done@bugs.debian.org
X-Spam-Checker-Version: SpamAssassin 2.60-bugs.debian.org_2005_01_02 
	(1.212-2003-09-23-exp) on spohr.debian.org
X-Spam-Level: 
X-Spam-Status: No, hits=-6.0 required=4.0 tests=BAYES_00,HAS_BUG_NUMBER 
	autolearn=no version=2.60-bugs.debian.org_2005_01_02

Source: openssh
Source-Version: 1:4.1p1-7

On Tue, Nov 19, 2002 at 05:11:13PM -0800, Martin Pool wrote:
> On 26 Oct 2002, Colin Watson <cjwatson@debian.org> wrote:
> > On Tue, Jul 16, 2002 at 02:08:14AM +0100, Jonathan Amery wrote:
> > >  Do you have an extant backup of the host key from before the upgrade?
> > > I fear that it might have got corrupted somewhere. 
> > 
> > While this is obviously a nasty bug, it doesn't seem to be having
> > widespread effect, so I'm downgrading it.
> 
> I haven't seen the problem again.
>  
> > Perhaps one thing that would help would be if ssh's postinst backed up
> > host keys before attempting to edit them?
> 
> That seems like a very sensible idea to me.
> 
> Perhaps make them 0400 afterwards, and perhaps back them up in a way
> that would protect against repeated broken attempts to upgrade.
> (e.g. move to "host_key.$TIMESTAMP~")

I think in fact this was the same bug as #312312, and is therefore now
(belatedly) fixed:

openssh (1:4.1p1-7) unstable; urgency=low

  * Do the IDEA host key check on a temporary file to avoid altering
    /etc/ssh/ssh_host_key itself (closes: #312312).
  * Work around the ssh-askpass alternative somehow ending up in manual mode
    pointing to the obsolete /usr/lib/ssh/gnome-ssh-askpass.
  * Add GNU/kFreeBSD support (thanks, Aurelien Jarno; closes: #318113).
  * Fix XSIish uses of 'test' in openssh-server.preinst.
  * Policy version 3.6.2: no changes required.

 -- Colin Watson <cjwatson@debian.org>  Fri,  2 Sep 2005 16:18:11 +0100

Thanks,

-- 
Colin Watson                                       [cjwatson@debian.org]
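
The two ideas in the thread above, sketched as an added shell example: running a key check on a temporary copy (the 1:4.1p1-7 changelog entry) and keeping a timestamped 0400 backup (the quoted suggestion). This is not the Debian openssh postinst code; the function names `check_on_copy` and `backup_key` are hypothetical.

```shell
#!/bin/sh
# Added example; hypothetical helpers, not taken from ssh.postinst.

# check_on_copy FILE CMD [ARGS...]
# Runs "CMD ARGS <private copy of FILE>" and returns CMD's exit status.
# CMD never receives FILE itself, so a command that rewrites its input
# (as "ssh-keygen -p" does) cannot alter or truncate the real key.
check_on_copy() {
    key=$1; shift
    tmp=$(mktemp "${TMPDIR:-/tmp}/hostkey.XXXXXX") || return 1
    # mktemp creates the file with mode 0600; copy the contents only.
    if cat "$key" > "$tmp"; then
        "$@" "$tmp"; rc=$?
    else
        rc=1
    fi
    rm -f "$tmp"
    return "$rc"
}

# backup_key FILE
# Copies FILE to FILE.<UTC timestamp>~ with mode 0400 and prints the
# backup path. An earlier backup is never overwritten, so repeated
# broken upgrade attempts cannot replace a good copy with a bad one.
backup_key() {
    key=$1
    [ -r "$key" ] || return 1
    stamp=$(date -u +%Y%m%dT%H%M%SZ)
    bak="$key.$stamp~"
    n=0
    # noclobber (set -C) makes the redirect fail if the name is taken.
    until (umask 077; set -C; cat "$key" > "$bak") 2>/dev/null; do
        n=$((n + 1))
        [ "$n" -le 99 ] || return 1
        bak="$key.$stamp.$n~"
    done
    chmod 0400 "$bak" && printf '%s\n' "$bak"
}

# With the command from the strace output in the report, the copy's
# path becomes the argument of -f:
#   check_on_copy /etc/ssh/ssh_host_key ssh-keygen -p -N "" -f
```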


