Hi, We currently experience problems when trying to connect to OpenSSH servers on rocko distros. Connecting between rocko machines seems to work, however, connecting from a morty based machine or Desktop distributions fails:
$ ssh root@192.168.10.171 ssh_dispatch_run_fatal: Connection to 192.168.10.171 port 22: incorrect signature The server shows not special sign other than that the client closed the connection. Forcing Ciphers/MACs seems not to help. This is ssh used on the client side ArchLinux machine: $ ssh -V OpenSSH_7.6p1, OpenSSL 1.1.0g 2 Nov 2017 But the same happens from a Fedora machine: $ ssh -V OpenSSH_7.5p1, OpenSSL 1.1.0f-fips 25 May 2017 And morty based machine: # ssh -V OpenSSH_7.3p1, OpenSSL 1.0.2j 26 Sep 2016 The OpenSSH version on rocko: # ssh -V OpenSSH_7.5p1, OpenSSL 1.0.2l 25 May 2017 I also backported 7.6p1 from master, but it fails as well. It seems that at least OpenSSH 7.5p1/7.6p1 is broken with the OpenSSL 1.0 version used in rocko... In a quick test I removed the PREFERRED_VERSION_openssl to get 1.1.0f, removed openssl10 DEPENDS in the openssh recipe and added the ArchLinux' openssl-1.1.0.patch: # ssh -V OpenSSH_7.5p1, OpenSSL 1.1.0f 25 May 2017 With that I could login. User nayfe on IRC reported the same issue. I guess moving rocko to OpenSSL 1.1 is not really an option at this point? Thoughts? -- Stefan -- _______________________________________________ Openembedded-core mailing list Openembedded-core@lists.openembedded.org http://lists.openembedded.org/mailman/listinfo/openembedded-core
