Ubuntu
openssh package

  1. Bug #1574415
  2. Activity log

Activity log for bug #1574415

Date Who What changed Old value New value Message
2016-04-25 00:46:50 TJ bug added bug
2016-04-25 00:50:07 TJ description After upgrade to 16.04 ssh client will not connect to any host, reporting /home/tj/.ssh/config line 109: Bad protocol spec '1'. The entry is: Host ups-01 Hostname 10.254.0.1 User hostmaster IdentityFile ~/.ssh/id_hostmaster IdentitiesOnly yes Protocol 1 If this were an entry in /etc/ssh/ssh_config and the user had no privileges to edit that file it could create a denial of service to the ssh client (if the user doesn't know how to over-ride the config). It would be helpful if the openssh-client postinst script were to grep the standard config files (including for users) and add a warning to the motd and syslog if any invalidated configuration statements are found. This will especially affect connections to embedded devices - in this case it is an ssh server on a management VLAN in a network-attached 32-port switched Cabinet Distribution Unit (CDU) that cannot be upgraded, and only supports Protocol 1. According to the 16.04 Release Notes protocol 1 requires the openssh-client-ssh1 package with the ssh1 binary. After upgrade to 16.04 ssh client will not connect to any host, reporting /home/tj/.ssh/config line 109: Bad protocol spec '1'. The entry is: Host ups-01 Hostname 10.254.0.1 User hostmaster IdentityFile ~/.ssh/id_hostmaster IdentitiesOnly yes Protocol 1 If this were an entry in /etc/ssh/ssh_config and the user had no privileges to edit that file it could create a denial of service to the ssh client (if the user doesn't know how to over-ride the config). It would be helpful if the openssh-client postinst script were to grep the standard config files (including for users) and add a warning to the motd and syslog if any invalidated configuration statements are found. This will especially affect connections to embedded devices - in this case it is an ssh server on a management VLAN in one of several network-attached Uninterruptable Power Supplies that cannot be upgraded, and only support Protocol 1. According to the 16.04 Release Notes protocol 1 requires the openssh-client-ssh1 package with the ssh1 binary.
2016-05-24 17:58:28 Launchpad Janitor openssh (Ubuntu): status New Confirmed
2016-05-25 13:23:40 Robie Basak openssh (Ubuntu): importance Undecided Low
2016-05-25 13:23:44 Robie Basak bug added subscriber Robie Basak