I just found my way to this bug nearly 10 years later whilst wanting to
report the same issue still persists.

PAM upstream changed the default of user_readenv from 1 to 0 in
https://github.com/linux-pam/linux-pam/commit/f83fb5f25263356391d71da595def409e8dd90f7
and subsequently added explicit deprecation of the feature in
https://github.com/linux-pam/linux-pam/commit/ecd526743a27157c5210b0ce9867c43a2fa27784

Other default /etc/pam.d/ files in Debian that invoke pam_env.so do not
include user_readenv=1 - SSH is an unexpected outlier in this regard.

One further surprise: whilst the nomenclature tends to lead people in the
direction of believing ~/.pam_environment is a user addition to
/etc/environment, it is not; it is actually a user addition to
/etc/security/pam_env.conf. I am uncertain if this was originally intended,
or was a historic coding error normalized by time. Previous versions of the
man page text hint at the latter -
https://github.com/linux-pam/linux-pam/issues/6.


In view of all these things, I believe there is an excellent case for
dropping "user_readenv=1" from debian/openssh-server.sshd.pam.in.

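To check which PAM service files on a host still enable the option discussed in the message above, the following added example (not part of the original message or of any Debian package) lists every pam_env.so entry that sets user_readenv=1 explicitly. The function name audit_user_readenv and the sample files are constructed for illustration; an entry that omits the option falls back to the module default, which differs across PAM versions as the message notes.

```sh
#!/bin/sh
# Added example: report PAM service lines that load pam_env.so with an
# explicit user_readenv=1. audit_user_readenv is a hypothetical helper name.

# audit_user_readenv [DIR] -- DIR defaults to /etc/pam.d.
# Prints "file:line: config entry" for every match.
audit_user_readenv() {
    dir=${1:-/etc/pam.d}
    for f in "$dir"/*; do
        [ -f "$f" ] || continue
        awk -v file="$f" '
        {
            line = $0
            sub(/#.*/, "", line)                 # "#" starts a comment
            if (line ~ /\\$/) {                  # trailing "\" continues the entry
                sub(/\\$/, "", line)
                if (!start) start = NR           # remember where the entry began
                buf = buf line " "
                next
            }
            line = buf line; n = (start ? start : NR); buf = ""; start = 0
            if (line !~ /pam_env\.so/) next
            k = split(line, tok, /[ \t]+/)
            for (i = 1; i <= k; i++)
                if (tok[i] == "user_readenv=1") { print file ":" n ": " line; break }
        }' "$f"
    done
}

# Constructed sample files (not copied from a real system) to show the output.
demo_dir=$(mktemp -d)
printf '%s\n' \
    'session required pam_env.so # read /etc/environment' \
    'session required pam_env.so user_readenv=1 envfile=/etc/default/locale' \
    > "$demo_dir/sshd"
printf '%s\n' \
    'session required pam_env.so readenv=1' \
    '# session required pam_env.so user_readenv=1' \
    > "$demo_dir/login"
audit_user_readenv "$demo_dir"   # only the second line of "sshd" is reported
rm -rf "$demo_dir"
```

Run `audit_user_readenv` with no argument to scan /etc/pam.d on the local system.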