[PLUG] openssh-server upgrade/problem resolved
Bruce KIlpatrick
bakilpatrick at verizon.net
Wed May 14 16:32:24 UTC 2008
Matt McKenzie wrote:
> Did you hear about the SSH vulnerability that was patched in Debian and all
> it's derivatives (including Ubuntu)?
> Debian:
> http://lists.debian.org/debian-security-announce/2008/msg00152.html
>
> Ubuntu
> https://lists.ubuntu.com/archives/ubuntu-security-announce/2008-May/000705.html
>
> Note this was a Debian (and derivative) specific issue, with the packages
> (random number generator wasn't really random, getting "dirty" data), not an
> issue with OpenSSH or OpenSSL itself.
>
> This is most likely the reason.
> Not sure about the templates issue you saw but it could be there was
> something related that was also fixed...
>
> As a side note you may want to regenerate your SSH keys on your Ubuntu box,
> if you log into it remotely (probably even if you don't).
>
> On Tue, May 13, 2008 at 11:35 PM, Bruce KIlpatrick <bakilpatrick at verizon.net>
> wrote:
>
>
>> Bruce KIlpatrick wrote:
>>
>>> This morning my HP laptop running Ubuntu 7.10 AMD64 upgraded several
>>> things relating to ssh. All seemed to go well until the end. It seems
>>> openssh-server has some issues.
>>>
>>> Here is what I tried and the results:
>>>
>>> :~# aptitude -f install openssh-server
>>> Reading package lists... Done
>>> Building dependency tree
>>> Reading state information... Done
>>> Reading extended state information
>>> Initializing package states... Done
>>> Building tag database... Done
>>> The following NEW packages will be installed:
>>> openssh-server
>>> The following partially installed packages will be configured:
>>> ssh
>>> 0 packages upgraded, 1 newly installed, 0 to remove and 0 not upgraded.
>>> Need to get 0B/269kB of archives. After unpacking 705kB will be used.
>>> Writing extended state information... Done
>>> Preconfiguring packages ...
>>> openssh-server template parse error: Template #4 in
>>> /tmp/openssh-server.template.79820 has a duplicate field "template" with
>>> new value "ssh/vulnerable_host_keys". Probably two templates are not
>>> properly separated by a lone newline.
>>>
>>> (Reading database ... 118664 files and directories currently installed.)
>>> Unpacking openssh-server (from
>>> .../openssh-server_1%3a4.6p1-5ubuntu0.3_amd64.deb) ...
>>> Template #4 in /var/lib/dpkg/tmp.ci/templates has a duplicate field
>>> "template" with new value "ssh/vulnerable_host_keys". Probably two
>>> templates are not properly separated by a lone newline.
>>> dpkg: error processing
>>> /var/cache/apt/archives/openssh-server_1%3a4.6p1-5ubuntu0.3_amd64.deb
>>> (--unpack):
>>> subprocess pre-installation script returned error exit status 255
>>> Errors were encountered while processing:
>>> /var/cache/apt/archives/openssh-server_1%3a4.6p1-5ubuntu0.3_amd64.deb
>>> E: Sub-process /usr/bin/dpkg returned an error code (1)
>>> A package failed to install. Trying to recover:
>>> dpkg: dependency problems prevent configuration of ssh:
>>> ssh depends on openssh-server; however:
>>> Package openssh-server is not installed.
>>> dpkg: error processing ssh (--configure):
>>> dependency problems - leaving unconfigured
>>> Errors were encountered while processing:
>>> ssh
>>> Reading package lists... Done
>>> Building dependency tree
>>> Reading state information... Done
>>> Reading extended state information
>>> Initializing package states... Done
>>> Building tag database... Done
>>>
>>> I have tried to look into the directories mentioned, but can't find them
>>> (I have the "show hidden files" checked.
>>>
>>>
>>> I have Googled without finding any references to the problem. Any
>>> suggestions as to the fix?
>>>
>>> Thank you,
>>>
>>> Bruce
>>> _______________________________________________
>>> PLUG mailing list
>>> PLUG at lists.pdxlinux.org
>>> http://lists.pdxlinux.org/mailman/listinfo/plug
>>>
>>>
>>>
>> Well, it seems I figured out the solution on my own. I tried using dpkg
>> in what I thought were unsuccessful attempts to resolve the dependency
>> issues. Either something I did worked or something changed in the
>> repository and apt-get update/upgrade solved the problem.
>>
>> Bruce
>> _______________________________________________
>> PLUG mailing list
>> PLUG at lists.pdxlinux.org
>> http://lists.pdxlinux.org/mailman/listinfo/plug
>>
>>
>
>
>
>
Thanks for the pointer. I received another update this morning that
(according to what I Googled) regenerated the appropriate keys (replaced
a certificate). I went ahead and followed the instructions to
regenerate them again, just for giggles. I am not using remote login at
this time, but will be again in the near future.
Bruce
More information about the PLUG
mailing list