Comment 8 for bug 15359

Debian Bug Importer (debzilla) wrote :

Message-Id: <email address hidden>
Date: Wed, 03 Jul 2002 13:15:32 +1000
From: "Martin Pool" <email address hidden>
To: "Debian Bug Tracking System" <email address hidden>
Subject: ssh: 3.4p1-2 fails to install saying "cipher_encrypt: bad plaintext length 337"

Package: ssh
Version: 1:3.4p1-2
Severity: grave
Justification: renders package unusable

When I try to install 3.4p1-2 via apt, I get this:

Reading Package Lists... Done
Building Dependency Tree... Done
Sorry, ssh is already the newest version.
0 packages upgraded, 0 newly installed, 0 to remove and 61 not upgraded.
2 packages not fully installed or removed.
Need to get 0B of archives. After unpacking 0B will be used.
Setting up ssh (3.4p1-2) ...
cipher_encrypt: bad plaintext length 337
dpkg: error processing ssh (--configure):
 subprocess post-installation script returned error exit status 1
dpkg: dependency problems prevent configuration of ssh-askpass-gnome:
 ssh-askpass-gnome depends on ssh (>= 1:1.2pre7-4); however:
  Package ssh is not configured yet.
dpkg: error processing ssh-askpass-gnome (--configure):
 dependency problems - leaving unconfigured
Errors were encountered while processing:
 ssh
 ssh-askpass-gnome
E: Sub-process /usr/bin/dpkg returned an error code (1)

Running strace on the post-installation script shows that the message
comes from execution of this command:

execve("/usr/bin/ssh-keygen", ["ssh-keygen", "-p", "-N", "", "-f", "/etc/ssh/ssh_host_key"], [/* 44 vars */])

just after it tries to read /etc/ssh/ssh_host_key. Running that
command from the command line reproduces the same error.

It seems that this command is called from check_idea_key() in
ssh.postinst.

If I move the v1 host key out of the way, then postinst does not run
this command, and installation proceeds without error.

My SSH1 key was working perfectly well with previous versions
(unstable ~3 days ago) as far as I could tell.

It seems that this bug can leave ssh half-configured, which is
obviously a potentially severe problem for machines with only ssh
access.

I still have the keyfile in case you want it. It identifies itself as
"SSH PRIVATE KEY FILE FORMAT 1.1".

Cheers,
--
Martin

-- System Information
Debian Release: 3.0
Architecture: i386
Kernel: Linux anomic 2.4.18 #55 Mon Apr 29 12:28:16 WST 2002 i686
Locale: LANG=C, LC_CTYPE=

Versions of packages ssh depends on:
ii adduser 3.47 Add and remove users and groups
ii debconf 1.1.14 Debian configuration management sy
ii libc6 2.2.5-7 GNU C Library: Shared libraries an
ii libpam-modules 0.72-35 Pluggable Authentication Modules f
ii libpam0g 0.72-35 Pluggable Authentication Modules l
ii libssl0.9.6 0.9.6d-1 SSL shared libraries
ii libwrap0 7.6-9 Wietse Venema's TCP wrappers libra
ii zlib1g 1:1.1.4-1 compression library - runtime

-- debconf information:
* ssh/ssh2_keys_merged:
  ssh/new_config: true
* ssh/rootlogin_warning:
  ssh/insecure_rshd:
* ssh/privsep_tell:
* ssh/forward_warning:
  ssh/ancient_version:
  ssh/protocol2_only: true
* ssh/protocol2_default:
* ssh/insecure_telnetd:
* ssh/run_sshd: true
  ssh/encrypted_host_key_but_no_keygen:
* ssh/use_old_init_script: true
* ssh/upgrade_to_openssh: true
* ssh/SUID_client: false
  ssh/privsep_ask: true
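
Added example, not part of the original report or of the ssh package: a read-only look at the header of a "SSH PRIVATE KEY FILE FORMAT 1.1" file, so the cipher type and the size of the private section can be checked on a copy of the key without running ssh-keygen -p against the live host key. The field layout and the 8-byte padding of the private section are taken from OpenSSH's RSA1 key writer (authfile.c), not from this report; inspect_rsa1_key, sample_key and the sample bytes are constructed for illustration.

```python
import struct
import sys

MAGIC = b"SSH PRIVATE KEY FILE FORMAT 1.1\n\x00"
CIPHERS = {0: "none", 1: "idea", 2: "des", 3: "3des", 6: "blowfish"}  # SSH1 cipher numbers

def _skip_bignum(buf, off):
    """SSH1 bignum: 16-bit big-endian bit count, then ceil(bits/8) bytes."""
    (bits,) = struct.unpack_from(">H", buf, off)
    return off + 2 + (bits + 7) // 8

def inspect_rsa1_key(data):
    """Parse only the cleartext header; the private section is never decoded."""
    if not data.startswith(MAGIC):
        raise ValueError("not an SSH PRIVATE KEY FILE FORMAT 1.1 file")
    try:
        off = len(MAGIC)
        cipher, _reserved, key_bits = struct.unpack_from(">BII", data, off)
        off = _skip_bignum(data, off + 9)      # modulus n
        off = _skip_bignum(data, off)          # public exponent e
        (clen,) = struct.unpack_from(">I", data, off)
    except struct.error:
        raise ValueError("truncated key header") from None
    off += 4
    if off + clen > len(data):
        raise ValueError("truncated comment")
    private_len = len(data) - off - clen       # everything after the comment
    return {
        "cipher": CIPHERS.get(cipher, "unknown(%d)" % cipher),
        "key_bits": key_bits,
        "comment": data[off:off + clen].decode("utf-8", "replace"),
        "private_len": private_len,
        "block_aligned": private_len % 8 == 0,  # writer pads this section to 8 bytes
    }

def sample_key(cipher=0, trailing=b""):
    """Constructed stand-in: toy 16-bit modulus, zeroed 16-byte private section."""
    pub = struct.pack(">BII", cipher, 0, 16) + b"\x00\x10\xc3\x51" + b"\x00\x06\x25"
    comment = b"root@example"
    return MAGIC + pub + struct.pack(">I", len(comment)) + comment + bytes(16) + trailing

if __name__ == "__main__":
    # Pass a path to a *copy* of the key file; with no argument the sample is used.
    raw = open(sys.argv[1], "rb").read() if len(sys.argv) > 1 else sample_key()
    for field, value in inspect_rsa1_key(raw).items():
        print("%-14s %s" % (field, value))
```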