Your message dated Tue, 21 Jun 2022 08:13:38 +0200 with message-id <yrfhkmmovgrbq...@breakpoint.cc> and subject line Re: Bug#1012564: openssl: ckermit can't connect to telnetd-ssl with openssl 3.0.3-7 has caused the Debian Bug report #1012564, regarding openssl: ckermit can't connect to telnetd-ssl with openssl 3.0.3-7 to be marked as done.
This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 1012564: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1012564 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
--- Begin Message ---Package: openssl Version: 3.0.3-7 Severity: important Dear Maintainer, *** Reporter, please consider answering these questions, where appropriate *** * What led up to the situation? Upgrading openssl, libssl3 to 3.0.3-7 from 3.0.3-6 on host system prevented ckermit 305~alpha07-1+b1 on client system with libssl3 3.0.3-6 from connecting to telnetd-ssl 0.17.41+0.2-3.3 on host system. * What exactly did you do (or not do) that was effective (or ineffective)? I first downgraded libssl3 from 3.0.3-7 on host system to 3.0.3-6 but that didn't resolve the issue. After I downgraded openssl from 3.0.3-7 to 3.0.3-6 on the host system, I was able to connect from the client system which still runs openssl 3.0.3-6 and libssl3 3.0.3-6. Note, I am NOT running telnetd-ssl 0.17.41+0.2-3.3+b1 due to bug #1010968 * What was the outcome of this action? * What outcome did you expect instead? *** End of the template - remove these template lines *** -- System Information: Debian Release: bookworm/sid APT prefers experimental APT policy: (1, 'experimental') Architecture: amd64 (x86_64) Kernel: Linux 5.19.0-rc1+ (SMP w/4 CPU threads; PREEMPT) Locale: LANG=en_AU.UTF-8, LC_CTYPE=en_AU.UTF-8 (charmap=UTF-8), LANGUAGE=en_GB Shell: /bin/sh linked to /bin/dash Init: sysvinit (via /sbin/init) Versions of packages openssl depends on: ii libc6 2.33-7 ii libssl3 3.0.3-6 openssl recommends no packages. Versions of packages openssl suggests: ii ca-certificates 20211016 -- no debconf information
--- End Message ---
--- Begin Message ---On 2022-06-21 03:55:06 [+0930], Arthur Marsh wrote: > When upgrading telnetd-ssl (017.41+0.2-3.3+b1) over > (0.17.41+0.2-3.3)I received the line:You already have > /etc/telnetd-ssl/telnetd.pem > After upgrading both telnetd-ssl as above and openssl (3.0.3-8) over > (3.0.3-6),I still had telnet-ssl localhost failing:$ telnet-ssl > localhost > Trying ::1... > Connected to localhost. > Escape character is '^]'. > Error loading CRT /etc/telnetd-ssl/telnetd.pem: , ee key too small > do_ssleay_init() failed > 408788F4E87F0000:error:0A00018F:SSL > routines:SSL_CTX_use_certificate:ee key too > small:../ssl/ssl_rsa.c:221: Please check the key size of telnetd.pem and create a larger key. You need 2048k+ RSA. This was mandatory even in 1.1 but you could avoid it… … > This solves the issue I was having and the > /etc/telnetd-ssl/telnetd.pem "ee key too small" may be a clue to what > was causing problems for me.Thanks for your time looking at > this.Arthur Marsh. Okay. Closing this then. Sebastian
--- End Message ---
