Bug#429619: marked as done (openssh-server upgrade kills ability to login using password)

[owner@bugs.debian.org (Debian Bug Tracking System)]

Your message dated Wed, 20 Jun 2007 12:17:07 +0000
with message-id <E1I0z7T-0000Ok-3I@ries.debian.org>
and subject line Bug#428968: fixed in openssh 1:4.6p1-2
has caused the attached Bug report to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what I am
talking about this indicates a serious mail system misconfiguration
somewhere.  Please contact me immediately.)

Debian bug tracking system administrator
(administrator, Debian Bugs database)

--- Begin Message ---

• To: submit@bugs.debian.org
• Subject: openssh-server upgrade kills ability to login using password
• From: Andy Gardner <andy@navigator.co.nz>
• Date: Tue, 19 Jun 2007 02:03:44 -0500
• Message-id: <[🔎] 1CDB199F-0C5B-4DF4-8828-CAF88916A6A0@navigator.co.nz>

Package: openssh-server
Version: 1:4.6p1-1

Upgraded openssh-server from 1:4.3p2-10

openssh-server installed new version of /etc/init.d/ssh

openssh-client upgraded at same time , installing new version of /etc/ ssh/ssh_config

Problem is, I upgraded kernel at same time, so did a reboot.

Now, when I try to login to the server (from an OSX machine) using password, I get "Permission denied (publickey).

Can't get to the server anymore.

What changed between 1:4.3p2-10 and 1:4.6p1-1 that broke password based login?

Here's the tail end of ssh -vvv user@host

xxxxxxxxxxxxx

debug1: Found key in /root/.ssh/known_hosts:8
debug2: bits set: 505/1024
debug1: ssh_rsa_verify: signature correct
debug2: kex_derive_keys
debug2: set_newkeys: mode 1
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug2: set_newkeys: mode 0
debug1: SSH2_MSG_NEWKEYS received
debug1: SSH2_MSG_SERVICE_REQUEST sent
debug2: service_accept: ssh-userauth
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug2: key: /root/.ssh/identity ((nil))
debug2: key: /root/.ssh/id_rsa ((nil))
debug2: key: /root/.ssh/id_dsa ((nil))
debug1: Authentications that can continue: publickey
debug3: start over, passed a different list publickey
debug3: preferred publickey,keyboard-interactive,password
debug3: authmethod_lookup publickey
debug3: remaining preferred: keyboard-interactive,password
debug3: authmethod_is_enabled publickey
debug1: Next authentication method: publickey
debug1: Trying private key: /root/.ssh/identity
debug3: no such identity: /root/.ssh/identity
debug1: Trying private key: /root/.ssh/id_rsa
debug3: no such identity: /root/.ssh/id_rsa
debug1: Trying private key: /root/.ssh/id_dsa
debug3: no such identity: /root/.ssh/id_dsa
debug2: we did not send a packet, disable method
debug1: No more authentication methods to try.
Permission denied (publickey).

xxxxxxxxxxxxxxx

--- End Message ---

--- Begin Message ---

• To: 428968-close@bugs.debian.org
• Subject: Bug#428968: fixed in openssh 1:4.6p1-2
• From: Colin Watson <cjwatson@debian.org>
• Date: Wed, 20 Jun 2007 12:17:07 +0000
• Message-id: <E1I0z7T-0000Ok-3I@ries.debian.org>

Source: openssh
Source-Version: 1:4.6p1-2

We believe that the bug you reported is fixed in the latest version of
openssh, which is due to be installed in the Debian FTP archive:

openssh-client-udeb_4.6p1-2_powerpc.udeb
  to pool/main/o/openssh/openssh-client-udeb_4.6p1-2_powerpc.udeb
openssh-client_4.6p1-2_powerpc.deb
  to pool/main/o/openssh/openssh-client_4.6p1-2_powerpc.deb
openssh-server-udeb_4.6p1-2_powerpc.udeb
  to pool/main/o/openssh/openssh-server-udeb_4.6p1-2_powerpc.udeb
openssh-server_4.6p1-2_powerpc.deb
  to pool/main/o/openssh/openssh-server_4.6p1-2_powerpc.deb
openssh_4.6p1-2.diff.gz
  to pool/main/o/openssh/openssh_4.6p1-2.diff.gz
openssh_4.6p1-2.dsc
  to pool/main/o/openssh/openssh_4.6p1-2.dsc
ssh-askpass-gnome_4.6p1-2_powerpc.deb
  to pool/main/o/openssh/ssh-askpass-gnome_4.6p1-2_powerpc.deb
ssh-krb5_4.6p1-2_all.deb
  to pool/main/o/openssh/ssh-krb5_4.6p1-2_all.deb
ssh_4.6p1-2_all.deb
  to pool/main/o/openssh/ssh_4.6p1-2_all.deb



A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 428968@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Colin Watson <cjwatson@debian.org> (supplier of updated openssh package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@debian.org)


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.7
Date: Wed, 20 Jun 2007 11:52:44 +0100
Source: openssh
Binary: ssh-askpass-gnome ssh-krb5 openssh-client-udeb ssh openssh-server openssh-client openssh-server-udeb
Architecture: source powerpc all
Version: 1:4.6p1-2
Distribution: unstable
Urgency: low
Maintainer: Debian OpenSSH Maintainers <debian-ssh@lists.debian.org>
Changed-By: Colin Watson <cjwatson@debian.org>
Description: 
 openssh-client - secure shell client, an rlogin/rsh/rcp replacement
 openssh-client-udeb - secure shell client for the Debian installer (udeb)
 openssh-server - secure shell server, an rshd replacement
 openssh-server-udeb - secure shell server for the Debian installer (udeb)
 ssh        - secure shell client and server (transitional package)
 ssh-askpass-gnome - interactive X program to prompt users for a passphrase for ssh-ad
 ssh-krb5   - secure shell client and server (transitional package)
Closes: 366814 409788 428968 429531
Changes: 
 openssh (1:4.6p1-2) unstable; urgency=low
 .
   * Fix ordering of SYSLOG_LEVEL_QUIET and SYSLOG_LEVEL_FATAL.
   * Clarify that 'ssh -q -q' still prints errors caused by bad arguments
     (i.e. before the logging system is initialised).
   * Suppress "Connection to <host> closed" and "Connection to master closed"
     messages at loglevel SILENT (thanks, Jaap Eldering; closes: #409788).
   * Suppress "Pseudo-terminal will not be allocated because stdin is not a
     terminal" message at loglevels QUIET and SILENT (closes: #366814).
   * Document the SILENT loglevel in sftp-server(8), ssh_config(5), and
     sshd_config(5).
   * Add try-restart action to init script.
   * Add /etc/network/if-up.d/openssh-server to restart sshd when new
     interfaces appear (LP: #103436).
   * Backport from upstream:
     - Move C/R -> kbdint special case to after the defaults have been
       loaded, which makes ChallengeResponse default to yes again. This was
       broken by the Match changes and not fixed properly subsequently
       (closes: #428968).
     - Silence spurious error messages from hang-on-exit fix
       (http://bugzilla.mindrot.org/show_bug.cgi?id=1306, closes: #429531).
Files: 
 963aabe4b7cd7f788536770b3cf29a3a 1062 net standard openssh_4.6p1-2.dsc
 ebbc68228f4ef2c2f265e3eec625cd86 180214 net standard openssh_4.6p1-2.diff.gz
 f9a1e6f711f5eec8780890742758ef88 1062 net extra ssh_4.6p1-2_all.deb
 4017b22f35fc373b2516ed4353c42407 79284 net extra ssh-krb5_4.6p1-2_all.deb
 9d147e37132b4c565c31deee3b5f0d57 711028 net standard openssh-client_4.6p1-2_powerpc.deb
 0a0848a077e3e3f561d62a15a81d5bb7 266820 net optional openssh-server_4.6p1-2_powerpc.deb
 1c877250f2512889f03001c43e546199 89740 gnome optional ssh-askpass-gnome_4.6p1-2_powerpc.deb
 fb34bb3117dc6eef052da77b133e073a 177614 debian-installer optional openssh-client-udeb_4.6p1-2_powerpc.udeb
 f3667dc614930c7e799da3d7e760e8a0 184628 debian-installer optional openssh-server-udeb_4.6p1-2_powerpc.udeb
Package-Type: udeb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)

iD8DBQFGeRdJ9t0zAhD6TNERAuYbAJ9jURU+IqjAiWFan0x7eA40pLLC3wCfTkcY
U62KDF1bc5bcR6OA8ojq3Mw=
=rxlL
-----END PGP SIGNATURE-----

--- End Message ---