Bug#114853: marked as done (ssh; upgrading to version 2 should warn the user!)
Your message dated Wed, 22 May 2013 00:38:12 +0100
with message-id <20130521233812.GA17135@riva.ucam.org>
and subject line Re: Bug#114853: ssh; upgrading to version 2 should warn the user!
has caused the Debian Bug report #114853,
regarding ssh; upgrading to version 2 should warn the user!
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact owner@bugs.debian.org
immediately.)
--
114853: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=114853
Debian Bug Tracking System
Contact owner@bugs.debian.org with problems
--- Begin Message ---
- To: Debian Bug Tracking System <submit@bugs.debian.org>
- Subject: ssh; upgrading to version 2 should warn the user!
- From: Francesco Potorti` <pot@gnu.org>
- Date: Mon, 08 Oct 2001 12:56:09 +0200
- Message-id: <E15qY4v-0001QU-00@pot.cnuce.cnr.it>
Package: ssh
Version: 1:2.9p2-6
Severity: normal
In the README.Debian file I read that the default is now ssh2, which
means I must regenerate my keys. This is all good and nice, but ssh
should print a big warning when upgrading from ssh1, because my public
keys stopped working, and that's not good at all.
To make things worse, this problem is not referenced in big letters in
the README.Debian, and no recipe is given to do the necessary work, only
a reference to man ssh-keygen.
Better yet, at upgrade time, the package should offer to help you
regenerate your keys.
-- System Information
Debian Release: testing/unstable
Kernel Version: Linux pot 2.2.19 #6 Fri Sep 7 18:53:23 CEST 2001 i686 unknown
Versions of the packages ssh depends on:
ii debconf 1.0.02 Debian configuration management system
ii libc6 2.2.4-1 GNU C Library: Shared libraries and Timezone
ii libpam-modules 0.72-32 Pluggable Authentication Modules for PAM
ii libpam0g 0.72-32 Pluggable Authentication Modules library
ii libssl0.9.6 0.9.6b-2 SSL shared libraries
ii libwrap0 7.6-8.2 Wietse Venema's TCP wrappers library
ii zlib1g 1.1.3-15 compression library - runtime
--- Begin /etc/ssh/sshd_config (modified conffile)
Port 22
HostKey /etc/ssh/ssh_host_key
HostKey /etc/ssh/ssh_host_rsa_key
HostKey /etc/ssh/ssh_host_dsa_key
ServerKeyBits 768
LoginGraceTime 600
KeyRegenerationInterval 3600
PermitRootLogin yes
IgnoreRhosts yes
StrictModes yes
X11Forwarding yes
X11DisplayOffset 10
PrintMotd no
PrintLastLog no
KeepAlive yes
SyslogFacility AUTH
LogLevel INFO
RhostsAuthentication no
RhostsRSAAuthentication no
HostbasedAuthentication no
RSAAuthentication yes
PasswordAuthentication yes
PermitEmptyPasswords no
PAMAuthenticationViaKbdInt yes
Subsystem sftp /usr/lib/sftp-server
--- End /etc/ssh/sshd_config
--- Begin /etc/ssh/ssh_config (modified conffile)
Host localhost
ForwardAgent yes
ForwardX11 yes
UsePrivilegedPort yes
Host *.cnuce.cnr.it
ForwardAgent yes
ForwardX11 yes
UsePrivilegedPort yes
Host *
--- End /etc/ssh/ssh_config
--- Begin /etc/pam.d/ssh (modified conffile)
auth required pam_nologin.so
auth required pam_unix.so
auth required pam_env.so # [1]
account required pam_unix.so
session required pam_unix.so
session optional pam_lastlog.so # [1]
session optional pam_motd.so # [1]
session optional pam_mail.so standard # [1]
session required pam_limits.so
password required pam_cracklib.so retry=3 minlen=6 difok=3
password required pam_unix.so use_authtok nullok md5
--- End /etc/pam.d/ssh
--- End Message ---
--- Begin Message ---
- To: 114853-close@bugs.debian.org
- Subject: Re: Bug#114853: ssh; upgrading to version 2 should warn the user!
- From: Colin Watson <cjwatson@debian.org>
- Date: Wed, 22 May 2013 00:38:12 +0100
- Message-id: <20130521233812.GA17135@riva.ucam.org>
- In-reply-to: <E15qY4v-0001QU-00@pot.cnuce.cnr.it>
- References: <E15qY4v-0001QU-00@pot.cnuce.cnr.it>
Control: tag -1 wontfix
On Mon, Oct 08, 2001 at 12:56:09PM +0200, Francesco Potorti` wrote:
> In the README.Debian file I read that the default is now ssh2, which
> means I must regenerate my keys. This is all good and nice, but ssh
> should print a big warning when upgrading from ssh1, because my public
> keys stopped working, and that's not good at all.
>
> To make things worse, this problem is not referenced in big letters in
> the README.Debian, and no recipe is given to do the necessary work, only
> a reference to man ssh-keygen.
>
> Better yet, at upgrade time, the package should offer to help you
> regenerate your keys.
I think this bug has been long since overtaken by events. We perhaps
should have done something better at the time, but at this point nobody
is realistically going to be doing direct upgrades from ssh1 to a
current Debian system, so I don't think there's any point in keeping
this bug open.
Thanks,
--
Colin Watson [cjwatson@debian.org]
--- End Message ---
Reply to: