I tested openssh (1:8.9p1-3ubuntu0.12) from jammy-proposed, according to
"Test Plan 2". Looking good!
[ Test Plan 2 ]
###Set up a Jammy LXD container & install openssh-server from proposed:
root@jjsru:~# apt list *openssh-server*
Listing... Done
openssh-server/jammy-proposed,now 1:8.9p1-3ubuntu0.12 amd64 [installed]
root@jjsru:~# adduser test
Adding user `test' ...
Adding new group `test' (1001) ...
Adding new user `test' (1001) with group `test' ...
Creating home directory `/home/test' ...
Copying files from `/etc/skel' ...
New password: [test]
Retype new password: [test]
passwd: password updated successfully
Changing the user information for test
Enter the new value, or press ENTER for the default
Full Name []:
Room Number []:
Work Phone []:
Home Phone []:
Other []:
Is the information correct? [Y/n]
### Adopt SSH config & restart service
root@jjsru:~# vim /etc/ssh/sshd_config.d/60-cloudimg-settings.conf
root@jjsru:~# grep -R PasswordAuthentication /etc/ssh/
/etc/ssh/ssh_config:# PasswordAuthentication yes
/etc/ssh/sshd_config.d/60-cloudimg-settings.conf:PasswordAuthentication yes
/etc/ssh/sshd_config:#PasswordAuthentication yes
/etc/ssh/sshd_config:# PasswordAuthentication. Depending on your PAM
configuration,
/etc/ssh/sshd_config:# PAM authentication, then enable this but set
PasswordAuthentication
root@jjsru:~# systemctl restart ssh.service
root@jjsru:~# ip a show eth0
41: eth0@if42: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state
UP group default qlen 1000
link/ether 00:16:3e:49:68:fb brd ff:ff:ff:ff:ff:ff link-netnsid 0
inet 10.238.94.15/24 metric 100 brd 10.238.94.255 scope global dynamic eth0
valid_lft 3390sec preferred_lft 3390sec
inet6 fd42:7213:f20e:bd74:216:3eff:fe49:68fb/64 scope global mngtmpaddr
noprefixroute
valid_lft forever preferred_lft forever
inet6 fe80::216:3eff:fe49:68fb/64 scope link
valid_lft forever preferred_lft forever
### From the host (password login OK):
$ ssh test@10.238.94.15
The authenticity of host '10.238.94.15 (10.238.94.15)' can't be established.
ED25519 key fingerprint is SHA256:nC8MUedwKPMY/uH6RjxGExIHo06T1w+9o7yblelI/XQ.
This key is not known by any other names.
Are you sure you want to continue connecting (yes/no/[fingerprint])? yes
Warning: Permanently added '10.238.94.15' (ED25519) to the list of known hosts.
test@10.238.94.15's password: [test]
The programs included with the Ubuntu system are free software;
the exact distribution terms for each program are described in the
individual files in /usr/share/doc/*/copyright.
Ubuntu comes with ABSOLUTELY NO WARRANTY, to the extent permitted by
applicable law.
test@jjsru:~$ ssh-import-id-lp slyon
2025-04-01 13:24:57,218 INFO Authorized key ['4096',
'SHA256:sciOAYEEOgZuev6e/fxLpojXxsiZsJPzn1Jk8LaYvVg',
'lukas.maerd...@canonical.com', '(RSA)']
2025-04-01 13:24:57,219 INFO [1] SSH keys [Authorized]
### From the host (pubkey login OK):
$ ssh -i ~/.ssh/canonical_id_rsa test@10.238.94.15
Enter passphrase for key '/home/lukas/.ssh/canonical_id_rsa':
Welcome to Ubuntu 22.04.5 LTS (GNU/Linux 6.8.0-55-generic x86_64)
* Documentation: https://help.ubuntu.com
* Management: https://landscape.canonical.com
* Support: https://ubuntu.com/pro
System information as of Tue Apr 1 13:25:54 UTC 2025
System load: 0.64
Usage of /: 72.0% of 294.23GB
Memory usage: 0%
Swap usage: 0%
Temperature: 56.0 C
Processes: 31
Users logged in: 0
IPv4 address for eth0: 10.238.94.15
IPv6 address for eth0: fd42:7213:f20e:bd74:216:3eff:fe49:68fb
Expanded Security Maintenance for Applications is not enabled.
19 updates can be applied immediately.
To see these additional updates run: apt list --upgradable
Enable ESM Apps to receive additional future security updates.
See https://ubuntu.com/esm or run: sudo pro status
New release '24.04.2 LTS' available.
Run 'do-release-upgrade' to upgrade to it.
Last login: Tue Apr 1 13:24:24 2025 from 10.238.94.1
test@jjsru:~$
=> All working as expected!
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/2028282
Title:
[SRU] SSH pubkey authetication fails when GSSAPI enabled
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/openssh/+bug/2028282/+subscriptions
--
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
