I submitted a patch. See https://bugs.debian.org/cgi- bin/bugreport.cgi?bug=819361
Patch inline: ----------------------------------------------------------------------------------------- --- sshconnect2.c.orig 2017-01-04 19:47:10.000000000 +0100 +++ sshconnect2.c 2017-01-05 04:13:08.977425272 +0100 @@ -222,7 +222,6 @@ orig = myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS]; xasprintf(&myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS], "%s,null", orig); - free(gss); } } #endif @@ -273,6 +272,16 @@ /* remove ext-info from the KEX proposals for rekeying */ myproposal[PROPOSAL_KEX_ALGS] = compat_kex_proposal(options.kex_algorithms); +#ifdef GSSAPI + /* repair myproposal after it was crumpled by the */ + /* ext-info removal above */ + if (gss) { + orig = myproposal[PROPOSAL_KEX_ALGS]; + xasprintf(&myproposal[PROPOSAL_KEX_ALGS], + "%s,%s", gss, orig); + free(gss); + } +#endif if ((r = kex_prop2buf(kex->my, myproposal)) != 0) fatal("kex_prop2buf: %s", ssh_err(r)); ----------------------------------------------------------------------------------------- This patch should be merged with gssapi.patch (for obvious reasons). Harald. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1608965 Title: ssh GSSAPI rekey failure To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/openssh/+bug/1608965/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs