Bug#114853: marked as done (ssh; upgrading to version 2 should warn the user!)

To: Colin Watson <cjwatson@debian.org>
Subject: Bug#114853: marked as done (ssh; upgrading to version 2 should warn the user!)
From: owner@bugs.debian.org (Debian Bug Tracking System)
Date: Tue, 21 May 2013 23:39:11 +0000
Message-id: <handler.114853.D114853.136917950010772.ackdone@bugs.debian.org>
References: <20130521233812.GA17135@riva.ucam.org> <E15qY4v-0001QU-00@pot.cnuce.cnr.it>

Your message dated Wed, 22 May 2013 00:38:12 +0100
with message-id <20130521233812.GA17135@riva.ucam.org>
and subject line Re: Bug#114853: ssh; upgrading to version 2 should warn the user!
has caused the Debian Bug report #114853,
regarding ssh; upgrading to version 2 should warn the user!
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact owner@bugs.debian.org
immediately.)


-- 
114853: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=114853
Debian Bug Tracking System
Contact owner@bugs.debian.org with problems

--- Begin Message ---

To: Debian Bug Tracking System <submit@bugs.debian.org>
Subject: ssh; upgrading to version 2 should warn the user!
From: Francesco Potorti` <pot@gnu.org>
Date: Mon, 08 Oct 2001 12:56:09 +0200
Message-id: <E15qY4v-0001QU-00@pot.cnuce.cnr.it>

Package: ssh
Version: 1:2.9p2-6
Severity: normal

In the README.Debian file I read that the default is now ssh2, which
means I must regenerate my keys.  This is all good and nice, but ssh
should print a big warning when upgrading from ssh1, because my public
keys stopped working, and that's not good at all.

To make things worse, this problem is not referenced in big letters in
the README.Debian, and no recipe is given to do the necessary work, only
a reference to man ssh-keygen.

Better yet, at upgrade time, the package should offer to help you
regenerate your keys.

-- System Information
Debian Release: testing/unstable
Kernel Version: Linux pot 2.2.19 #6 Fri Sep 7 18:53:23 CEST 2001 i686 unknown

Versions of the packages ssh depends on:
ii  debconf        1.0.02         Debian configuration management system
ii  libc6          2.2.4-1        GNU C Library: Shared libraries and Timezone
ii  libpam-modules 0.72-32        Pluggable Authentication Modules for PAM
ii  libpam0g       0.72-32        Pluggable Authentication Modules library
ii  libssl0.9.6    0.9.6b-2       SSL shared libraries
ii  libwrap0       7.6-8.2        Wietse Venema's TCP wrappers library
ii  zlib1g         1.1.3-15       compression library - runtime

--- Begin /etc/ssh/sshd_config (modified conffile)
Port 22
HostKey /etc/ssh/ssh_host_key
HostKey /etc/ssh/ssh_host_rsa_key
HostKey /etc/ssh/ssh_host_dsa_key
ServerKeyBits 768
LoginGraceTime 600
KeyRegenerationInterval 3600
PermitRootLogin yes
IgnoreRhosts yes
StrictModes yes
X11Forwarding yes
X11DisplayOffset 10
PrintMotd no
PrintLastLog no
KeepAlive yes
SyslogFacility AUTH
LogLevel INFO
RhostsAuthentication no
RhostsRSAAuthentication no
HostbasedAuthentication no
RSAAuthentication yes
PasswordAuthentication yes
PermitEmptyPasswords no
PAMAuthenticationViaKbdInt yes
Subsystem	sftp	/usr/lib/sftp-server

--- End /etc/ssh/sshd_config

--- Begin /etc/ssh/ssh_config (modified conffile)
Host localhost
    ForwardAgent yes
    ForwardX11 yes
    UsePrivilegedPort yes
Host *.cnuce.cnr.it
    ForwardAgent yes
    ForwardX11 yes
    UsePrivilegedPort yes
Host *

--- End /etc/ssh/ssh_config

--- Begin /etc/pam.d/ssh (modified conffile)
auth       required     pam_nologin.so
auth       required     pam_unix.so
auth       required     pam_env.so # [1]
account    required     pam_unix.so
session    required     pam_unix.so
session    optional     pam_lastlog.so # [1]
session    optional     pam_motd.so # [1]
session    optional     pam_mail.so standard # [1]
session    required     pam_limits.so
password required       pam_cracklib.so retry=3 minlen=6 difok=3
password required       pam_unix.so use_authtok nullok md5

--- End /etc/pam.d/ssh

--- End Message ---

--- Begin Message ---

To: 114853-close@bugs.debian.org
Subject: Re: Bug#114853: ssh; upgrading to version 2 should warn the user!
From: Colin Watson <cjwatson@debian.org>
Date: Wed, 22 May 2013 00:38:12 +0100
Message-id: <20130521233812.GA17135@riva.ucam.org>
In-reply-to: <E15qY4v-0001QU-00@pot.cnuce.cnr.it>
References: <E15qY4v-0001QU-00@pot.cnuce.cnr.it>

Control: tag -1 wontfix

On Mon, Oct 08, 2001 at 12:56:09PM +0200, Francesco Potorti` wrote:
> In the README.Debian file I read that the default is now ssh2, which
> means I must regenerate my keys.  This is all good and nice, but ssh
> should print a big warning when upgrading from ssh1, because my public
> keys stopped working, and that's not good at all.
> 
> To make things worse, this problem is not referenced in big letters in
> the README.Debian, and no recipe is given to do the necessary work, only
> a reference to man ssh-keygen.
> 
> Better yet, at upgrade time, the package should offer to help you
> regenerate your keys.

I think this bug has been long since overtaken by events.  We perhaps
should have done something better at the time, but at this point nobody
is realistically going to be doing direct upgrades from ssh1 to a
current Debian system, so I don't think there's any point in keeping
this bug open.

Thanks,

-- 
Colin Watson                                       [cjwatson@debian.org]

--- End Message ---

Reply to:

Prev by Date: Processed: fixed 708275 in openssh/1:6.2p2-1
Next by Date: Bug#219402: marked as done (templates poorly punctuated)
Previous by thread: Processed: fixed 708275 in openssh/1:6.2p2-1
Next by thread: Bug#219402: marked as done (templates poorly punctuated)
Index(es):
- Date
- Thread