group.of.nepali.translators team mailing list archive

Thread
Date

[Bug 1575961] Re: OpenSSH Client Certificate Auth Regression

To: group.of.nepali.translators@xxxxxxxxxxxxxxxxxxx
From: Launchpad Bug Tracker <1575961@xxxxxxxxxxxxxxxxxx>
Date: Mon, 09 May 2016 08:47:02 -0000
Reply-to: Bug 1575961 <1575961@xxxxxxxxxxxxxxxxxx>
Sender: bounces@xxxxxxxxxxxxx

This bug was fixed in the package openssh - 1:7.2p2-4ubuntu1

---------------
openssh (1:7.2p2-4ubuntu1) xenial; urgency=medium

  * Backport upstream patch to unbreak authentication using lone certificate
    keys in ssh-agent: when attempting pubkey auth with a certificate, if no
    separate private key is found among the keys then try with the
    certificate key itself (thanks, Paul Querna; LP: #1575961).

 -- Colin Watson <cjwatson@xxxxxxxxxx>  Thu, 28 Apr 2016 01:57:51 +0100

** Changed in: openssh (Ubuntu Xenial)
       Status: Fix Committed => Fix Released

-- 
You received this bug notification because you are a member of नेपाली
भाषा समायोजकहरुको समूह, which is subscribed to Xenial.
Matching subscriptions: Ubuntu 16.04 Bugs
https://bugs.launchpad.net/bugs/1575961

Title:
  OpenSSH Client Certificate Auth Regression

Status in openssh package in Ubuntu:
  Fix Released
Status in openssh source package in Xenial:
  Fix Released

Bug description:
  OpenSSH Client Certificates worked in Ubuntu 15.10 and 14.04 LTS --
  but not 16.04.

  OpenSSH 7.2.p2 includes a bug in how it loads keys & certificates, and
  basically will never find the correct private key for an OpenSSH
  Client Certificate.

  This is the upstream bug:

  https://bugzilla.mindrot.org/show_bug.cgi?id=2550

  Fix was committed on March 14:

  https://github.com/openssh/openssh-
  portable/commit/c38905ba391434834da86abfc988a2b8b9b62477

  I've tested with the attached patch, and it allows Client Certificate
  auth to work at all.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/openssh/+bug/1575961/+subscriptions