Bug#817836: marked as done (openssh-server: ECDSA host key creation after upgrades)
Your message dated Sun, 2 Apr 2017 03:04:38 +0100
with message-id <20170402020438.GP9002@riva.ucam.org>
and subject line Re: Bug#817836: openssh-server: ECDSA host key creation after upgrades
has caused the Debian Bug report #817836,
regarding openssh-server: ECDSA host key creation after upgrades
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact owner@bugs.debian.org
immediately.)
--
817836: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=817836
Debian Bug Tracking System
Contact owner@bugs.debian.org with problems
--- Begin Message ---
- To: Debian Bug Tracking System <submit@bugs.debian.org>
- Subject: openssh-server: ECDSA host key creation after upgrades
- From: David Magda <david.magda@oicr.on.ca>
- Date: Thu, 10 Mar 2016 14:06:17 -0500
- Message-id: <20160310190617.2982.48502.reportbug@dns2.oicr.on.ca>
Package: openssh-server
Version: 1:6.0p1-4+deb7u3
Severity: wishlist
Dear Maintainer,
We're upgrading some systems from Debian 6 to Debian 7 (and then maybe 8). As
part of the update, the newer version of OpenSSH supports the newer ECDSA
format.
However, after the upgrade is complete, and I run 'dpkg-reconfigure
openssh-server', the "/etc/ssh/ssh_host_ecdsa_key" is not generated.
It seems that the package doesn't touch sshd_config(5) to add the new
HostKey file.
This isn't necessarily a bad thing, but could you add functinality so that
the user is prompted about updating "/etc/ssh/sshd_config"? If there have
been no local changes then the new file can be installed, but if there are
site-specific modifications then the admin can decide what to do.
-- System Information:
Debian Release: 7.9
APT prefers oldstable
APT policy: (500, 'oldstable')
Architecture: amd64 (x86_64)
Kernel: Linux 3.2.0-4-amd64 (SMP w/2 CPU cores)
Locale: LANG=en_CA.UTF-8, LC_CTYPE=en_CA.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Versions of packages openssh-server depends on:
ii adduser 3.113+nmu3
ii debconf [debconf-2.0] 1.5.49
ii dpkg 1.16.17
ii libc6 2.13-38+deb7u10
ii libcomerr2 1.42.5-1.1+deb7u1
ii libgssapi-krb5-2 1.10.1+dfsg-5+deb7u7
ii libkrb5-3 1.10.1+dfsg-5+deb7u7
ii libpam-modules 1.1.3-7.1
ii libpam-runtime 1.1.3-7.1
ii libpam0g 1.1.3-7.1
ii libselinux1 2.1.9-5
ii libssl1.0.0 1.0.1e-2+deb7u20
ii libwrap0 7.6.q-24
ii lsb-base 4.1+Debian8+deb7u1
ii openssh-client 1:6.0p1-4+deb7u3
ii procps 1:3.3.3-3
ii zlib1g 1:1.2.7.dfsg-13
-- debconf information excluded
--- End Message ---
--- Begin Message ---
- To: 817836-done@bugs.debian.org
- Subject: Re: Bug#817836: openssh-server: ECDSA host key creation after upgrades
- From: Colin Watson <cjwatson@debian.org>
- Date: Sun, 2 Apr 2017 03:04:38 +0100
- Message-id: <20170402020438.GP9002@riva.ucam.org>
- In-reply-to: <20160310190617.2982.48502.reportbug@dns2.oicr.on.ca>
- References: <20160310190617.2982.48502.reportbug@dns2.oicr.on.ca>
Source: openssh
Source-Version: 1:7.4p1-1
On Thu, Mar 10, 2016 at 02:06:17PM -0500, David Magda wrote:
> We're upgrading some systems from Debian 6 to Debian 7 (and then maybe 8). As
> part of the update, the newer version of OpenSSH supports the newer ECDSA
> format.
>
> However, after the upgrade is complete, and I run 'dpkg-reconfigure
> openssh-server', the "/etc/ssh/ssh_host_ecdsa_key" is not generated.
>
> It seems that the package doesn't touch sshd_config(5) to add the new
> HostKey file.
>
> This isn't necessarily a bad thing, but could you add functinality so that
> the user is prompted about updating "/etc/ssh/sshd_config"? If there have
> been no local changes then the new file can be installed, but if there are
> site-specific modifications then the admin can decide what to do.
I fixed this in openssh 1:7.4p1-1 by switching to managing sshd_config
using ucf.
Thanks,
--
Colin Watson [cjwatson@debian.org]
--- End Message ---
Reply to: