[Touch-packages] [Bug 2052328] Re: openssh-client encounters MAC algo issue with EL8
I am closing this bug since the issue appears to be in Oracle Linux and is being tracked here: https://github.com/oracle/oracle-linux/issues/125 Thanks! ** Bug watch added: github.com/oracle/oracle-linux/issues #125 https://github.com/oracle/oracle-linux/issues/125 ** Changed in: openssh (Ubuntu) Status: New => Invalid -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to openssh in Ubuntu. https://bugs.launchpad.net/bugs/2052328 Title: openssh-client encounters MAC algo issue with EL8 Status in openssh package in Ubuntu: Invalid Bug description: Ubuntu 22.04 system connecting to an Oracle Linux v8 host. The following error occurs regardless of the the MACs specified (or not) in sshd_config: Corrupted MAC on input. ssh_dispatch_run_fatal: Connection to XX.XX.XX.XX port 22: message authentication code incorrect Presumably, this may happen on any RHEL v8 variant. Note that connecting to Enterprise Linux v7 work as well as other Ubuntu hosts. Downgrading to previous version of openssh-client fixes issue. apt install openssh-client=1:8.9p1-3 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/openssh/+bug/2052328/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 2052328] Re: openssh-client encounters MAC algo issue with EL8
Thank you Marc and ibauto. I'll try to investigate/report on the Oracle Linux 8 side. -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to openssh in Ubuntu. https://bugs.launchpad.net/bugs/2052328 Title: openssh-client encounters MAC algo issue with EL8 Status in openssh package in Ubuntu: New Bug description: Ubuntu 22.04 system connecting to an Oracle Linux v8 host. The following error occurs regardless of the the MACs specified (or not) in sshd_config: Corrupted MAC on input. ssh_dispatch_run_fatal: Connection to XX.XX.XX.XX port 22: message authentication code incorrect Presumably, this may happen on any RHEL v8 variant. Note that connecting to Enterprise Linux v7 work as well as other Ubuntu hosts. Downgrading to previous version of openssh-client fixes issue. apt install openssh-client=1:8.9p1-3 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/openssh/+bug/2052328/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 2052328] Re: openssh-client encounters MAC algo issue with EL8
I believe this issue is caused by a bad backport in Oracle's 8.0p1-19.el8_9.2 package. I think their fix for CVE-2023-48795 isn't properly adding kex-strict-s-...@openssh.com to their KEX. Downgrading the Ubuntu package works around the problem as that prevents the client from offering kex-strict-c-...@openssh.com. ** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2023-48795 -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to openssh in Ubuntu. https://bugs.launchpad.net/bugs/2052328 Title: openssh-client encounters MAC algo issue with EL8 Status in openssh package in Ubuntu: New Bug description: Ubuntu 22.04 system connecting to an Oracle Linux v8 host. The following error occurs regardless of the the MACs specified (or not) in sshd_config: Corrupted MAC on input. ssh_dispatch_run_fatal: Connection to XX.XX.XX.XX port 22: message authentication code incorrect Presumably, this may happen on any RHEL v8 variant. Note that connecting to Enterprise Linux v7 work as well as other Ubuntu hosts. Downgrading to previous version of openssh-client fixes issue. apt install openssh-client=1:8.9p1-3 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/openssh/+bug/2052328/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 2052328] Re: openssh-client encounters MAC algo issue with EL8
OK, I have managed to locate the Oracle binary packages for 8.0p1-19.el8_9.2 and can confirm the issue. This is curious as the same packages from RockyLinux appear to work. I will attempt to investigate the differences. -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to openssh in Ubuntu. https://bugs.launchpad.net/bugs/2052328 Title: openssh-client encounters MAC algo issue with EL8 Status in openssh package in Ubuntu: New Bug description: Ubuntu 22.04 system connecting to an Oracle Linux v8 host. The following error occurs regardless of the the MACs specified (or not) in sshd_config: Corrupted MAC on input. ssh_dispatch_run_fatal: Connection to XX.XX.XX.XX port 22: message authentication code incorrect Presumably, this may happen on any RHEL v8 variant. Note that connecting to Enterprise Linux v7 work as well as other Ubuntu hosts. Downgrading to previous version of openssh-client fixes issue. apt install openssh-client=1:8.9p1-3 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/openssh/+bug/2052328/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 2052328] Re: openssh-client encounters MAC algo issue with EL8
The Oracle Linux I'm running is the v8 developer preview, as that is the only freely downloadable version. I couldn't reproduce the issue with openssh-server-8.0p1-17.el8.x86_64. Since I can't get newer packages from Oracle with this version, I installed openssh, openssh-askpass, openssh-client and openssh-server 8.0p1-19.el8_9.2 from RockyLinux into the Oracle install, and I still can't reproduce the issue. Could someone perhaps email me the 4 Oracle binary rpms for the packages listed above so I can try them? -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to openssh in Ubuntu. https://bugs.launchpad.net/bugs/2052328 Title: openssh-client encounters MAC algo issue with EL8 Status in openssh package in Ubuntu: New Bug description: Ubuntu 22.04 system connecting to an Oracle Linux v8 host. The following error occurs regardless of the the MACs specified (or not) in sshd_config: Corrupted MAC on input. ssh_dispatch_run_fatal: Connection to XX.XX.XX.XX port 22: message authentication code incorrect Presumably, this may happen on any RHEL v8 variant. Note that connecting to Enterprise Linux v7 work as well as other Ubuntu hosts. Downgrading to previous version of openssh-client fixes issue. apt install openssh-client=1:8.9p1-3 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/openssh/+bug/2052328/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 2052328] Re: openssh-client encounters MAC algo issue with EL8
We are having the same with OL8 8.9 Openssh used om OL8 = 8.0p1-19.el8_9.2 Ubuntu 18.04, 20.04 and 22.04 who update to are having a problem We downgraded our versions temporary to 18.04: openssh-server=1:7.6p1-4ubuntu0.7 20.04: openssh-server=1:8.2p1-4 22.04: openssh-server=1:8.9p1-3 -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to openssh in Ubuntu. https://bugs.launchpad.net/bugs/2052328 Title: openssh-client encounters MAC algo issue with EL8 Status in openssh package in Ubuntu: New Bug description: Ubuntu 22.04 system connecting to an Oracle Linux v8 host. The following error occurs regardless of the the MACs specified (or not) in sshd_config: Corrupted MAC on input. ssh_dispatch_run_fatal: Connection to XX.XX.XX.XX port 22: message authentication code incorrect Presumably, this may happen on any RHEL v8 variant. Note that connecting to Enterprise Linux v7 work as well as other Ubuntu hosts. Downgrading to previous version of openssh-client fixes issue. apt install openssh-client=1:8.9p1-3 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/openssh/+bug/2052328/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 2052328] Re: openssh-client encounters MAC algo issue with EL8
Hi, Thanks for reporting this issue. I can't seem to reproduce it though with Oracle Linux v8 running openssh-server-8.0p1-17.el8.x86_64 and an Ubuntu 22.04 client running 1:8.9p1-3ubuntu0.6. Could you perhaps give me a bit more details on how I could reproduce this? Thanks! -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to openssh in Ubuntu. https://bugs.launchpad.net/bugs/2052328 Title: openssh-client encounters MAC algo issue with EL8 Status in openssh package in Ubuntu: New Bug description: Ubuntu 22.04 system connecting to an Oracle Linux v8 host. The following error occurs regardless of the the MACs specified (or not) in sshd_config: Corrupted MAC on input. ssh_dispatch_run_fatal: Connection to XX.XX.XX.XX port 22: message authentication code incorrect Presumably, this may happen on any RHEL v8 variant. Note that connecting to Enterprise Linux v7 work as well as other Ubuntu hosts. Downgrading to previous version of openssh-client fixes issue. apt install openssh-client=1:8.9p1-3 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/openssh/+bug/2052328/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp