[DRE-maint] Bug#1008541: Bug#1008541: vagrant: Cant create boxes running ssh 8.8

Lucas Nussbaum lucas at debian.org
Fri Apr 8 16:54:56 BST 2022


Hi Antonio,

On 08/04/22 at 10:15 -0300, Antonio Terceiro wrote:
> Control: forcemerge 1009155 -1
> 
> Hi,
> 
> On Fri, Apr 08, 2022 at 07:41:18AM +0200, Lucas Nussbaum wrote:
> > On 28/03/22 at 16:54 +0200, Arnaud Patard wrote:
> > > Package: vagrant
> > > Severity: normal
> > > 
> > > Dear Maintainer,
> > > 
> > > 
> > > It's not possible to start a VM on bullseye with this Vagrantfile:
> > > 
> > > Vagrant.configure("2") do |config|
> > >   config.vm.box = "generic/alpine315"
> > > end
> > > 
> > > It's stuck while trying the use SSH. generic/alpine310 is fine for instance.
> > > After debugging, it turns out that it's due to ssh 8.8 running inside the guest.
> > > 
> > > It has been:
> > > - fixed in ruby net-ssh:
> > >   https://github.com/net-ssh/net-ssh/commit/a45f54fe1de434605af0b7195dd9a91bccd2cec5
> > > - workarounded in vagrant with lib/vagrant/patches/net-ssh.rb
> > > 
> > > Doing a quick&dirty backport of sid vagrant seems to fix the issue.
> > > 
> > > I'm not sure which package should be fixed (rubygem-net-ssh or vagrant)
> > > so bugging against vagrant since it's this package not working.
> > > 
> > > Thanks,
> > > Arnaud
> > 
> > Hi,
> > 
> > This is #1009155 in ruby-net-ssh. I plan to backport the package to
> > bullseye-backports once the fixed ruby-net-ssh package is accepted in
> > testing.
> > 
> > However, I don't know if we want to consider "use ruby-net-ssh from
> > backports" a sufficient solution for this issue.
> 
> Thanks for looking into this. I backported
> https://github.com/net-ssh/net-ssh/pull/838 to bullseye. It did not
> apply cleanly, but that was mainly due to reformating (indentation,
> spaces etc) that was done since the the version in bullseye and the one
> the patch was written against.
> 
> The resulting package builds fine passing its test suite, and passes
> autopkgtest as well.
> 
> However, I don't have a stable system where I can run vagrant and test
> this. Would one of you be able to test the attached .deb on a stable
> system, with vagrant from stable? The source is
> https://salsa.debian.org/ruby-team/ruby-net-ssh/-/commit/c32bed634c25deff5837b9e43f5ee7a6b646915c

I confirm that your fixed package works on a stable system with the
reporter's test case.

However, it doesn't work when trying to connect to a Debian 'testing'
system (with OpenSSH 8.8) outside of vagrant:

/usr/share/rubygems-integration/all/gems/net-ssh-6.1.0/lib/net/ssh/transport/algorithms.rb:407:in `negotiate': could not settle on host_key algorithm (Net::SSH::Exception)
Server host_key preferences: rsa-sha2-512,rsa-sha2-256
Client host_key preferences: ssh-rsa,ssh-ed25519-cert-v01 at openssh.com,ssh-ed25519,ecdsa-sha2-nistp521-cert-v01 at openssh.com,ecdsa-sha2-nistp384-cert-v01 at openssh.com,ecdsa-sha2-nistp256-cert-v01 at openssh.com,ecdsa-sha2-nistp521,ecdsa-sha2-nistp384,ecdsa-sha2-nistp256,ssh-rsa-cert-v01 at openssh.com,ssh-rsa-cert-v00 at openssh.com

I think this is because you only backported #838. You also need to
backport https://github.com/net-ssh/net-ssh/pull/771, which fixes
https://github.com/net-ssh/net-ssh/issues/712 (see
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1009155#5 ).

Lucas



More information about the Pkg-ruby-extras-maintainers mailing list