[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Bug#848986: marked as done (openssh-client: ssh-keygen fails on a four character encryption password)

Your message dated Wed, 4 Jan 2017 05:37:26 +0000
with message-id <20170104053726.GC20455@riva.ucam.org>
and subject line Re: Bug#848986: openssh-client: ssh-keygen fails on a four character encryption password
has caused the Debian Bug report #848986,
regarding openssh-client: ssh-keygen fails on a four character encryption password
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact owner@bugs.debian.org
immediately.)


-- 
848986: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=848986
Debian Bug Tracking System
Contact owner@bugs.debian.org with problems
--- Begin Message --- 
Package: openssh-client
Version: 1:6.7p1-5+deb8u3
Severity: minor

Dear Maintainer,

When one enters a four character passphrase to ssh-keygen it fails and says
that the passphase is too short and it needs at minimum four characters.
Contrary to the failure message, ssh-keygen accepts only passphrases with at
least five characters.

$ ssh-keygen -t rsa -b 1024 -f test1
Generating public/private rsa key pair.
Enter passphrase (empty for no passphrase): <<< entered 'test' here, 4 chars
Enter same passphrase again:
key_save_private: passphrase is too short (minimum four characters)
Saving the key failed: test1.


$ ssh-keygen -t rsa -b 1024 -f test2
Generating public/private rsa key pair.
Enter passphrase (empty for no passphrase): <<< entered 'test1' here, 5 chars
Enter same passphrase again:
Your identification has been saved in test2.
Your public key has been saved in test2.pub.
The key fingerprint is:
bd:b9:f8:87:2e:77:d8:88:50:4c:71:11:28:36:98:a6 michael@polaris
The key's randomart image is:
+---[RSA 1024]----+
|     o  .o+o     |
|    + + o.       |
|   o . =         |
|  E     o.       |
|       .S .      |
|      .    o     |
|       . .o=     |
|        o.=.+    |
|        .=+o     |
+-----------------+

-- System Information:
Debian Release: 8.6
  APT prefers stable-updates
  APT policy: (500, 'stable-updates'), (500, 'stable')
Architecture: amd64 (x86_64)

Kernel: Linux 3.16.0-4-amd64 (SMP w/2 CPU cores)
Locale: LANG=en_US.utf8, LC_CTYPE=en_US.utf8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages openssh-client depends on:
ii  adduser           3.113+nmu3
ii  dpkg              1.17.27
ii  libc6             2.19-18+deb8u6
ii  libedit2          3.1-20140620-2
ii  libgssapi-krb5-2  1.12.1+dfsg-19+deb8u2
ii  libselinux1       2.3-2
ii  libssl1.0.0       1.0.1t-1+deb8u5
ii  passwd            1:4.2-3+deb8u1
ii  zlib1g            1:1.2.8.dfsg-2+b1

Versions of packages openssh-client recommends:
ii  xauth  1:1.0.9-1

Versions of packages openssh-client suggests:
pn  keychain      <none>
pn  libpam-ssh    <none>
pn  monkeysphere  <none>
pn  ssh-askpass   <none>

-- no debconf information

--- End Message ---
--- Begin Message --- 
Source: openssh
Source-Version: 1:7.2p1-1

On Wed, Dec 21, 2016 at 03:32:42PM +0100, Michael Luecke wrote:
> When one enters a four character passphrase to ssh-keygen it fails and says
> that the passphase is too short and it needs at minimum four characters.
> Contrary to the failure message, ssh-keygen accepts only passphrases with at
> least five characters.

This was fixed upstream in this commit:

  https://anongit.mindrot.org/openssh.git/commit/?id=3c019a936b43f3e2773f3edbde7c114d73caaa4c

... which was part of OpenSSH 7.2p1.

Thanks,

-- 
Colin Watson                                       [cjwatson@debian.org]

--- End Message ---
Reply to: