I have tested all three packages and they seem to work as intended. The updated packages also log the correct ssh fingerprint. Below is the log output of all versions as well as ssh-keygen -l for comparison.
bionic with version 0.10.3-1ubuntu0.1 sec-bionic-amd64 sudo[11266]: pam_ssh_agent_auth: Found matching RSA key: SHA256:ySD/CRV7ouZZ46dKYAxPYRpgB8nSmHZ/cU8v0vwAwX0 focal with version 0.10.3-3ubuntu1.20.04.1: sec-focal-pam-amd64 sudo[3692]: pam_ssh_agent_auth: Found matching RSA key: SHA256:ySD/CRV7ouZZ46dKYAxPYRpgB8nSmHZ/cU8v0vwAwX0 impish version 0.10.3-3ubuntu1.21.10.1: sec-impish-amd64 sudo[3214]: pam_ssh_agent_auth: Found matching RSA key: SHA256:ySD/CRV7ouZZ46dKYAxPYRpgB8nSmHZ/cU8v0vwAwX0 ssh-keygen for comparsion: user@kischte:~$ ssh-keygen -lf .ssh/id_rsa 4096 SHA256:ySD/CRV7ouZZ46dKYAxPYRpgB8nSmHZ/cU8v0vwAwX0 user@kischte (RSA) I also tested with fips enabled to make sure it no longer segfaults. On focal with libpam-ssh-agent-auth=0.10.3-3ubuntu1 i got: user@sec-focal-pam-amd64:~$ sudo ls Segmentation fault (core dumped) focal with libpam-ssh-agent-auth=0.10.3-3ubuntu1.20.04.1 fixes the segfault: user@sec-focal-pam-amd64:~$ sudo ls test ** Tags removed: verification-needed verification-needed-bionic verification-needed-focal verification-needed-impish ** Tags added: verification-done verification-done-bionic verification-done-focal verification-done-impish -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1964486 Title: crash when in FIPS mode To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/pam-ssh-agent-auth/+bug/1964486/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
