Bug#903474: openssh-server: ~/.ssh/authorized_keys no longer accepts environment option with underscores in name
Package: openssh-server
Version: 1:7.7p1-2
Severity: normal
Tags: upstream
Dear Maintainer,
The ~/.ssh/authorized_keys no longer accepts lines with an environment option where an
underscore is used in the environment name.
e.g.
environment="LC_ALL=C" ssh-rsa AAAA... my-public-key
This stricter checking is added in openssh 7.7. As a result of this stricter check, I am
no longer allowed to login with this key. Imho this is too restrictive and underscores
should be allowed.
The bug is fixed upstream here:
https://bugzilla.mindrot.org/show_bug.cgi?id=2851
Best Regards,
Bas van Sisseren
-- System Information:
Debian Release: buster/sid
APT prefers testing
APT policy: (500, 'testing')
Architecture: amd64 (x86_64)
Kernel: Linux 4.16.0-2-amd64 (SMP w/2 CPU cores)
Locale: LANG=C, LC_CTYPE=C (charmap=ANSI_X3.4-1968), LANGUAGE=C (charmap=ANSI_X3.4-1968)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
Versions of packages openssh-server depends on:
ii adduser 3.117
ii debconf [debconf-2.0] 1.5.67
ii dpkg 1.19.0.5+b1
ii libaudit1 1:2.8.3-1+b1
ii libc6 2.27-3
ii libcom-err2 1.44.2-1
ii libgssapi-krb5-2 1.16-2
ii libkrb5-3 1.16-2
ii libpam-modules 1.1.8-3.7
ii libpam-runtime 1.1.8-3.7
ii libpam0g 1.1.8-3.7
ii libselinux1 2.8-1+b1
ii libssl1.0.2 1.0.2o-1
ii libsystemd0 239-5
ii libwrap0 7.6.q-27
ii lsb-base 9.20170808
ii openssh-client 1:7.7p1-2
ii openssh-sftp-server 1:7.7p1-2
ii procps 2:3.3.15-2
ii ucf 3.0038
ii zlib1g 1:1.2.11.dfsg-1
Versions of packages openssh-server recommends:
pn libpam-systemd <none>
pn ncurses-term <none>
pn xauth <none>
Versions of packages openssh-server suggests:
pn molly-guard <none>
pn monkeysphere <none>
pn rssh <none>
pn ssh-askpass <none>
pn ufw <none>
-- debconf information:
openssh-server/permit-root-login: true
openssh-server/password-authentication: true
Reply to: