RE: Announce: OpenSSH 8.9 released

[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

 



On Wednesday, February 23, 2022 7:09 AM, Damien Miller <djm@xxxxxxxxxxxxxxx> wrote:
<OpenSSH 8.9 has just been released. It will be available from the mirrors listed at https://urldefense.com/v3/__https://www.openssh.com/__;!!OToaGQ!8Cf0KPZ5tLwOiN5u2XUTZs2M3RI-4WweqkikJOlCHgDAnnS_4y14RrV9Wu4mI3-S8v8$  shortly.

Running "make tests" revealed 2 "cert type" tests in "hostkey-agent.sh" script to fail. Those 2 tests are not present in RC from Feb. 11, where all tests passed successfully.
Those failed tests are "sk-ssh-*" and "sk-ecdsa-*" below (4 lines with errors are shifted to the right in output below):
ok restrict pubkey type
run test hostkey-agent.sh ...
key type ssh-ed25519
key type ssh-rsa
key type ssh-dss
key type ecdsa-sha2-nistp256
key type ecdsa-sha2-nistp384
key type ecdsa-sha2-nistp521
cert type ssh-ed25519-cert-v01@xxxxxxxxxxx
cert type sk-ssh-ed25519-cert-v01@xxxxxxxxxxx
           cert type sk-ssh-ed25519-cert-v01@xxxxxxxxxxx failed
           bad SSH_CONNECTION key type sk-ssh-ed25519-cert-v01@xxxxxxxxxxx
cert type ssh-rsa-cert-v01@xxxxxxxxxxx
cert type rsa-sha2-256-cert-v01@xxxxxxxxxxx
cert type rsa-sha2-512-cert-v01@xxxxxxxxxxx
cert type ssh-dss-cert-v01@xxxxxxxxxxx
cert type ecdsa-sha2-nistp256-cert-v01@xxxxxxxxxxx
cert type ecdsa-sha2-nistp384-cert-v01@xxxxxxxxxxx
cert type ecdsa-sha2-nistp521-cert-v01@xxxxxxxxxxx
cert type sk-ecdsa-sha2-nistp256-cert-v01@xxxxxxxxxxx
           cert type sk-ecdsa-sha2-nistp256-cert-v01@xxxxxxxxxxx failed
           bad SSH_CONNECTION key type sk-ecdsa-sha2-nistp256-cert-v01@xxxxxxxxxxx
failed hostkey agent

Re-tested release candidate from Feb. 11 and no "cert type sk-*" tests were found. 
Could it happened that the required priv/pub keys are missing in "./regress" subdir and this is why it says "bad key type" ?

Filtering out those 2 cert types helped to pass all tests successfully.

Thanks

--
Val Baranov val.baranov@xxxxxxxx>

_______________________________________________
openssh-unix-dev mailing list
openssh-unix-dev@xxxxxxxxxxx
https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev



[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

[Index of Archives]     [Linux ARM Kernel]     [Linux ARM]     [Linux Omap]     [Fedora ARM]     [IETF Annouce]     [Security]     [Bugtraq]     [Linux]     [Linux OMAP]     [Linux MIPS]     [ECOS]     [Asterisk Internet PBX]     [Linux API]

  Powered by Linux