Ubuntu
openssl package

  1. Jammy (22.04)
  2. Bug #1990216
  3. Comment #20

Comment 20 for bug 1990216

Revision history for this message
Nathan Stratton Treadway (nathanst) wrote : Re: [Bug 1990216] Re: backport fix for "OpenSSL 3 cannot decrypt data encrypted with OpenSSL 1.1 with blowfish in OFB or CFB modes" to Jammy

On Sat, Jul 06, 2024 at 09:10:46PM -0000, Fredrik Wendt wrote:
> I just ran into this exact issue again with a fresh install of 24.04:
> Noble (and Jammy) can't connect to other Ubuntu nodes). What's the
> recommended approach - lift all nodes to one of the (in Ubuntu) broken
> libssl3 packages?

What application are you using in this context?

What are the version numbers for the libssl* packages in use on the various
nodes?

Off hand, I would expect that Jammy would be the only release whose
default Blowfish configuration is incompatible with the implementations
on the other releases. (That is, I would expect a Noble installation to
connect to earlier-than-Jammy instances without any problem.)

                                                        Nathan

p.s. Note that on any release using libssl3, if you are trying to Blowfish
encryption, you do need to enable the OpenSSL "legacy" provider. So
that step will be necessary on Noble, but is due to the general switch
to OpenSSL v3 rather than this specific bug in Jammy's libssl3 library.