bugzilla-daemon at mindrot.org
2021-Jan-05 12:45 UTC
[Bug 3249] New: openssh support for openssl 3.0 (alpha 6)
https://bugzilla.mindrot.org/show_bug.cgi?id=3249
Bug ID: 3249
Summary: openssh support for openssl 3.0 (alpha 6)
Product: Portable OpenSSH
Version: 8.4p1
Hardware: Other
OS: Linux
Status: NEW
Severity: major
Priority: P5
Component: sshd
Assignee: unassigned-bugs at mindrot.org
Reporter: rajesh.satya at gmail.com
After upgrade to openssl 3.0 (alpha 6), openssh login fails.
Bad Packet length: 1868080485
debug3: send packet type 1
ssh_dispatch_run_fatal: connection to <IP> port 22: connection
corrupted
I enabled debug logging to DEBUG3, but this is the only failure message
i am seeing.
Openssh version: 8.4p1
openssl version: 3.0.0-alpha6
If there is already a plan to support openssl 3.0, kindly share
--
You are receiving this mail because:
You are watching the assignee of the bug.
bugzilla-daemon at mindrot.org
2021-Jan-06 06:52 UTC
[Bug 3249] openssh support for openssl 3.0 (alpha 6)
https://bugzilla.mindrot.org/show_bug.cgi?id=3249 --- Comment #1 from rajesh satya <rajesh.satya at gmail.com> --- Some debugging logs: sshd[1088]: debug1: SSH2_MSG_NEWKEYS sent [preauth] sshd[1088]: debug1: expecting SSH2_MSG_NEWKEYS [preauth] sshd[1088]: debug3: receive packet: type 21 [preauth] sshd[1088]: debug1: SSH2_MSG_NEWKEYS received [preauth] sshd[1088]: debug2: set_newkeys: mode 0 [preauth] sshd[1088]: debug1: rekey in after 4294967296 blocks [preauth] sshd[1088]: debug1: KEX done [preauth] sshd[1088]: debug3: receive packet: type 5 [preauth] sshd[1088]: debug3: send packet: type 6 [preauth] sshd[1088]: Connection closed by <IP> port 48946 [preauth] ---> error happening here sshd[1088]: debug1: do_cleanup [preauth] sshd[1088]: debug3: PAM: sshpam_thread_cleanup entering [preauth] sshd[1088]: debug1: monitor_read_log: child log fd closed With openssl 1.1.1g/1.1.1i, it was working fine. Problem with openssl-3.0.0 (tried alpha6) Kindly suggest. -- You are receiving this mail because: You are watching the assignee of the bug.
bugzilla-daemon at mindrot.org
2021-Jan-07 03:08 UTC
[Bug 3249] openssh support for openssl 3.0 (alpha 6)
https://bugzilla.mindrot.org/show_bug.cgi?id=3249
Damien Miller <djm at mindrot.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |djm at mindrot.org
--- Comment #2 from Damien Miller <djm at mindrot.org> ---
We're waiting for OpenSSL to rename an incompatible API
https://github.com/openssl/openssl/issues/13411
Until then, please consider OpenSSL 3.* unsupported by OpenSSH.
--
You are receiving this mail because:
You are watching the assignee of the bug.
You are watching someone on the CC list of the bug.
bugzilla-daemon at mindrot.org
2021-Jan-08 02:11 UTC
[Bug 3249] openssh support for openssl 3.0 (alpha 6)
https://bugzilla.mindrot.org/show_bug.cgi?id=3249
Damien Miller <djm at mindrot.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|NEW |RESOLVED
Resolution|--- |DUPLICATE
--- Comment #3 from Damien Miller <djm at mindrot.org> ---
*** This bug has been marked as a duplicate of bug 3238 ***
--
You are receiving this mail because:
You are watching the assignee of the bug.
You are watching someone on the CC list of the bug.
bugzilla-daemon at mindrot.org
2021-Jan-08 08:14 UTC
[Bug 3249] openssh support for openssl 3.0 (alpha 6)
https://bugzilla.mindrot.org/show_bug.cgi?id=3249
Marc Kleine-Budde <mkl at pengutronix.de> changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |mkl at pengutronix.de
--- Comment #4 from Marc Kleine-Budde <mkl at pengutronix.de> ---
Hey rajesh,
a recent openssl + patch "v2" from
https://bugzilla.mindrot.org/show_bug.cgi?id=3238 works for me.
--
You are receiving this mail because:
You are watching someone on the CC list of the bug.
You are watching the assignee of the bug.
bugzilla-daemon at mindrot.org
2021-Jan-08 09:05 UTC
[Bug 3249] openssh support for openssl 3.0 (alpha 6)
https://bugzilla.mindrot.org/show_bug.cgi?id=3249 --- Comment #5 from rajesh satya <rajesh.satya at gmail.com> --- I tried the same of v2 patch, the issue still persists. -- You are receiving this mail because: You are watching the assignee of the bug. You are watching someone on the CC list of the bug.
bugzilla-daemon at mindrot.org
2021-Jan-08 12:59 UTC
[Bug 3249] openssh support for openssl 3.0 (alpha 6)
https://bugzilla.mindrot.org/show_bug.cgi?id=3249 --- Comment #6 from Marc Kleine-Budde <mkl at pengutronix.de> --- Forgot to mention, that chacha20 is broken, too. Make sure to use recent openssl together with my patches: https://github.com/marckleinebudde/openssh-portable/tree/workaround-openssl-3 -- You are receiving this mail because: You are watching the assignee of the bug. You are watching someone on the CC list of the bug.
bugzilla-daemon at mindrot.org
2021-Mar-03 22:51 UTC
[Bug 3249] openssh support for openssl 3.0 (alpha 6)
https://bugzilla.mindrot.org/show_bug.cgi?id=3249
Damien Miller <djm at mindrot.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|RESOLVED |CLOSED
--- Comment #7 from Damien Miller <djm at mindrot.org> ---
close bugs that were resolved in OpenSSH 8.5 release cycle
--
You are receiving this mail because:
You are watching the assignee of the bug.
You are watching someone on the CC list of the bug.