Package: dropbear Version: 0.52-5 Severity: normal The dropbear SSH server listens on IPv4 but not IPv6 addresses. This is running in a VPS environment as an Virtuozzo/openVZ guest.
Relevant configuration/evidence below: Running command (taken from ps output): /usr/sbin/dropbear -d /etc/dropbear/dropbear_dss_host_key -r /etc/dropbear/dropbear_rsa_host_key -p 22 -W 65536 -w -s $ cat /etc/default/dropbear # disabled because OpenSSH is installed # change to NO_START=0 to enable Dropbear NO_START=0 # the TCP port that Dropbear listens on DROPBEAR_PORT=22 # any additional arguments for Dropbear DROPBEAR_EXTRA_ARGS="-w -s" # specify an optional banner file containing a message to be # sent to clients before they connect, such as "/etc/issue.net" DROPBEAR_BANNER="" # RSA hostkey file (default: /etc/dropbear/dropbear_rsa_host_key) #DROPBEAR_RSAKEY="/etc/dropbear/dropbear_rsa_host_key" # DSS hostkey file (default: /etc/dropbear/dropbear_dss_host_key) #DROPBEAR_DSSKEY="/etc/dropbear/dropbear_dss_host_key" # Receive window size - this is a tradeoff between memory and # network performance DROPBEAR_RECEIVE_WINDOW=65536 $ netstat -tnl Active Internet connections (only servers) Proto Recv-Q Send-Q Local Address Foreign Address State tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN tcp 0 0 0.0.0.0:25 0.0.0.0:* LISTEN tcp6 0 0 :::25 :::* LISTEN $ ip -6 addr 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 16436 inet6 ::1/128 scope host valid_lft forever preferred_lft forever 9: venet0: <BROADCAST,POINTOPOINT,NOARP,UP,LOWER_UP> mtu 1500 inet6 2607:[removed]:3ae6/0 scope global valid_lft forever preferred_lft forever inet6 2607:[removed]:a1c5/0 scope global valid_lft forever preferred_lft forever -- System Information: Debian Release: 6.0.2 APT prefers stable APT policy: (500, 'stable') Architecture: i386 (i686) Kernel: Linux 2.6.32-238.12.1.el5.pony6-1 (SMP w/1 CPU core) Locale: LANG=C, LC_CTYPE=C (charmap=ANSI_X3.4-1968) Shell: /bin/sh linked to /bin/bash Versions of packages dropbear depends on: ii libc6 2.11.2-10 Embedded GNU C Library: Shared lib ii zlib1g 1:1.2.3.4.dfsg-3 compression library - runtime dropbear recommends no packages. Versions of packages dropbear suggests: ii openssh-client 1:5.5p1-6 secure shell (SSH) client, for sec pn runit <none> (no description available) ii udev 164-3 /dev/ and hotplug management daemo pn xauth <none> (no description available) -- no debconf information -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org