Hello Prashanth, thank you very much for making this bug report and
making Ubuntu better!

Are you building openssl 3.1.2 or pulling the package from somewhere?

I tried installing a slightly newer version in a jammy LXC container and
see this error when trying to install libssl3 (a requirement to install
the newer openssl package).

I did:
$ lxc launch ubuntu:jammy j
$ lxc shell j
# apt install -y ssh
# wget 
http://ftp.us.debian.org/debian/pool/main/o/openssl/libssl3_3.1.3-1_amd64.deb
# dpkg -i libssl3_3.1.3-1_amd64.deb
dpkg: regarding libssl3_3.1.3-1_amd64.deb containing libssl3:amd64:
 libssl3:amd64 breaks openssh-client (<< 1:9.4p1)
  openssh-client (version 1:8.9p1-3ubuntu0.4) is present and installed.

dpkg: error processing archive libssl3_3.1.3-1_amd64.deb (--install):
 installing libssl3:amd64 would break openssh-client, and
 deconfiguration is not permitted (--auto-deconfigure might help)
Errors were encountered while processing:
 libssl3_3.1.3-1_amd64.deb

So the package is aware that this configuration will not work.


FWIW I tried adding the patch you mentioned into openssh, and it builds fine, 
but one of the tests now fails - 
https://launchpad.net/~mitchdz/+archive/ubuntu/lp2038561-openssh-version-mismatch/+packages

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to openssh in Ubuntu.
https://bugs.launchpad.net/bugs/2038561

Title:
  Requesting Ubuntu package manager to release openssh updates to focal
  and jammy

Status in openssh package in Ubuntu:
  Incomplete

Bug description:
  We're are unable to test OpenSSL 3.1 versions on Ubuntu 22.04 and
  20.04 machines because the machine gets bricked and loses SSH after
  installation of OpenSSL 3.1.2.

  This is because SSHD gets restarted when OpenSSL 3.1 gets installed.
  But it fails to come up and we lose SSH access to the box.

  Debug logging on SSHD shows the below error when it tries to start : 
  OpenSSL version mismatch. Built against 30000020, you have 30100020

  After researching in online forums, it appears that this is an OpenSSH bug 
and it's been fixed in version 9.4p1 and 9.5p1 via this fix : 
  
https://github.com/openssh/openssh-portable/commit/b7afd8a4ecaca8afd3179b55e9db79c0ff210237

  However, it appears that only 8.9p1 version of openssh-client and
  openssh-server are available in Ubuntu packages.

  Requesting you to please release openssh versions 9.4p1 or 9.5p1 on
  Jammy and Focal which will help us move past this bug and start
  testing OpenSSL 3.1 for our use cases.

  
  Additional information about our environment:
  $ lsb_release -rd
  Description:  Ubuntu 22.04.3 LTS
  Release:      22.04

  $ apt-cache policy openssh-server
  openssh-server:
    Installed: 1:8.9p1-3ubuntu0.4
    Candidate: 1:8.9p1-3ubuntu0.4
    Version table:
   *** 1:8.9p1-3ubuntu0.4 500
          500 http://us-west-2.ec2.archive.ubuntu.com/ubuntu jammy-updates/main 
amd64 Packages
          100 /var/lib/dpkg/status
       1:8.9p1-3ubuntu0.3 500
          500 http://security.ubuntu.com/ubuntu jammy-security/main amd64 
Packages
       1:8.9p1-3 500
          500 http://us-west-2.ec2.archive.ubuntu.com/ubuntu jammy/main amd64 
Packages

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/openssh/+bug/2038561/+subscriptions


-- 
Mailing list: https://launchpad.net/~touch-packages
Post to     : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

Reply via email to