Bug#822844: openssh-client: can't use an in-memory-only certificate that doesn't also have another in-memory private key
On Thu, Apr 28, 2016 at 05:43:43PM +0800, gustavo panizzo wrote:
> Package: openssh-client
> Version: 1:7.2p2-5
> Severity: normal
> I'm affected by this upstream bug
> Can you apply the patch to 7.2 package?
That is what I did in the very version that you report as being affected
openssh (1:7.2p2-5) unstable; urgency=medium
* Backport upstream patch to unbreak authentication using lone certificate
keys in ssh-agent: when attempting pubkey auth with a certificate, if no
separate private key is found among the keys then try with the
certificate key itself (thanks, Paul Querna; LP: #1575961).
-- Colin Watson <firstname.lastname@example.org> Thu, 28 Apr 2016 01:52:01 +0100
Are you sure that you were affected by this in 1:7.2p2-5, and not in
1:7.2p2-4 or earlier versions?
Colin Watson [email@example.com]