Thanks - I'll cherry-pick that into Debian, so zesty will get the fix. I'd appreciate somebody else handling SRUs, though.
** Bug watch added: Debian Bug tracker #851734 http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=851734 ** Changed in: openssh (Debian) Importance: Undecided => Unknown ** Changed in: openssh (Debian) Status: New => Unknown ** Changed in: openssh (Debian) Remote watch: None => Debian Bug tracker #851734 ** Also affects: openssh (Ubuntu Xenial) Importance: Undecided Status: New ** Also affects: openssh (Ubuntu Yakkety) Importance: Undecided Status: New ** Changed in: openssh (Ubuntu) Importance: Medium => High ** Changed in: openssh (Ubuntu Xenial) Status: New => Triaged ** Changed in: openssh (Ubuntu Xenial) Importance: Undecided => High ** Changed in: openssh (Ubuntu Yakkety) Status: New => Triaged ** Changed in: openssh (Ubuntu Yakkety) Importance: Undecided => High ** Changed in: openssh (Ubuntu) Status: Triaged => Fix Committed -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to openssh in Ubuntu. https://bugs.launchpad.net/bugs/1668093 Title: ssh-keygen -H corrupts already hashed entries Status in openssh package in Ubuntu: Fix Committed Status in openssh source package in Xenial: Triaged Status in openssh source package in Yakkety: Triaged Status in openssh package in Debian: Unknown Bug description: xenial @ 1:7.2p2-4ubuntu2.1 on amd64 has this bug. trusty @ 1:6.6p1-2ubuntu2.8 on amd64 does not have this bug. I have not tested any other ssh versions. The following should reproduce the issue: #ssh-keyscan XXXX > ~/.ssh/known_hosts # ssh root@XXXXX Permission denied (publickey). # ssh-keygen -H /root/.ssh/known_hosts updated. Original contents retained as /root/.ssh/known_hosts.old WARNING: /root/.ssh/known_hosts.old contains unhashed entries Delete this file to ensure privacy of hostnames # ssh root@XXXXXX Permission denied (publickey). # ssh-keygen -H /root/.ssh/known_hosts updated. Original contents retained as /root/.ssh/known_hosts.old WARNING: /root/.ssh/known_hosts.old contains unhashed entries Delete this file to ensure privacy of hostnames # ssh root@XXXXX The authenticity of host 'XXXXXX' can't be established. RSA key fingerprint is XXXXXX. Are you sure you want to continue connecting (yes/no)? # diff known_hosts.old known_hosts 1c1 < |1|BoAbRpUE3F5AzyprJcbjdepeDh8=|x/1AcaLxh45FlShmVQnlgx2qjxY= XXXXX --- > |1|nTPsoLxCugQyZi3pqOa2pc/cX64=|bUH5qwZlZPp8msMGHdLtslf3Huk= XXXXX To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/openssh/+bug/1668093/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
