[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Bug#822844: openssh-client: can't use an in-memory-only certificate that doesn't also have another in-memory private key

On Thu, Apr 28, 2016 at 05:43:43PM +0800, gustavo panizzo wrote:
> Package: openssh-client
> Version: 1:7.2p2-5
> Severity: normal
> 
> Hello
> 
> I'm affected by this upstream bug
> https://bugzilla.mindrot.org/show_bug.cgi?id=2550
> 
> Can you apply the patch to 7.2 package?

That is what I did in the very version that you report as being affected
above!

openssh (1:7.2p2-5) unstable; urgency=medium

  * Backport upstream patch to unbreak authentication using lone certificate
    keys in ssh-agent: when attempting pubkey auth with a certificate, if no
    separate private key is found among the keys then try with the
    certificate key itself (thanks, Paul Querna; LP: #1575961).

 -- Colin Watson <cjwatson@debian.org>  Thu, 28 Apr 2016 01:52:01 +0100

Are you sure that you were affected by this in 1:7.2p2-5, and not in
1:7.2p2-4 or earlier versions?

-- 
Colin Watson                                       [cjwatson@debian.org]
Reply to: