[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Bug#990882: openssh-server: With ipv6 ssh-client fail as well as scp getting expecting SSH2_MSG_KEX_ECDH_REPLY

Package: openssh-server
Version: 1:7.9p1-10+deb10u2
Severity: normal
Tags: ipv6

Dear Maintainer,

* What led up to the situation?
We could't ssh to the server in ipv6, ipv4 was OK. After some times we discover that the problem also exists with scp, only ipv6 too. 

* What exactly did you do (or not do) that was effective (or
ineffective)?
Adding MACs=hmacs-sha2-256 to .ssh/config solved the problem for ssh client (Debian 9/10 & Ubuntu 18/20) but not for scp (Debian 9/10 & Ubuntu 18/20) 

* What was the outcome of this action?

System update begining of july (servers are updated each week on saturday)

* What outcome did you expect instead?
ssh and scp connecting smoothly. With the above MACs trick, scp connect but then hangs on copy like 

Authenticated to myserver ([2001:db8:dead:beef::1]:22).
debug1: channel 0: new [client-session]
debug1: Requesting no-more-sessions@openssh.com
debug1: Entering interactive session.
debug1: pledge: network
debug1: client_input_global_request: rtype hostkeys-00@openssh.com want_reply 0 debug1: Remote: /root/.ssh/authorized_keys:2: key options: agent-forwarding port-forwarding pty user-rc x11-forwarding debug1: Remote: /root/.ssh/authorized_keys:2: key options: agent-forwarding port-forwarding pty user-rc x11-forwarding 
debug1: Sending environment.
debug1: Sending env LANG = fr_FR.UTF-8
debug1: Sending command: scp -v -t /etc/bind/VarCacheBind/
Sending file modes: C0644 3079 file.txt
Sink: C0644 3079 file.txt
file.txt 0% 0 0.0KB/s --:-- ETA

where VarCacheBind is a symlink
If we do the copy in ipv4 -by adding -4 in front of command- it copy smoothly. 


-- System Information:
Debian Release: 10.10
APT prefers stable-updates
APT policy: (500, 'stable-updates'), (500, 'stable')
Architecture: amd64 (x86_64)

Kernel: Linux 4.19.0-17-amd64 (SMP w/2 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE=en_US.UTF-8 (charmap=UTF-8) 
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages openssh-server depends on:
ii adduser 3.118
ii debconf [debconf-2.0] 1.5.71
ii dpkg 1.19.7
ii libaudit1 1:2.8.4-3
ii libc6 2.28-10
ii libcom-err2 1.44.5-1+deb10u3
ii libgssapi-krb5-2 1.17-3+deb10u1
ii libkrb5-3 1.17-3+deb10u1
ii libpam-modules 1.3.1-5
ii libpam-runtime 1.3.1-5
ii libpam0g 1.3.1-5
ii libselinux1 2.8-1+b1
ii libssl1.1 1.1.1d-0+deb10u6
ii libsystemd0 241-7~deb10u7
ii libwrap0 7.6.q-28
ii lsb-base 10.2019051400
ii openssh-client 1:7.9p1-10+deb10u2
ii openssh-sftp-server 1:7.9p1-10+deb10u2
ii procps 2:3.3.15-2
ii ucf 3.0038+nmu1
ii zlib1g 1:1.2.11.dfsg-1

Versions of packages openssh-server recommends:
ii libpam-systemd [logind] 241-7~deb10u7
ii ncurses-term 6.1+20181013-2+deb10u2
pn xauth <none>

Versions of packages openssh-server suggests:
ii molly-guard 0.7.1
pn monkeysphere <none>
pn rssh <none>
pn ssh-askpass <none>
pn ufw <none>

-- debconf information:
openssh-server/password-authentication: true
* openssh-server/permit-root-login: true
Reply to: