I ran the usual update sequence of apt update && apt upgrade && apt-dist upgrade and right after that my script has a routine that makes a git pull and then backs its runtime logs up by pushing to git, and that right from that update stopped working with error:
139890995726016:error:25066067:DSO support routines:DLFCN_LOAD:could not load the shared library:dso_dlfcn.c:185:filename(libssl_conf.so): libssl_conf.so: cannot open shared object file: No such file or directory
139890995726016:error:25070067:DSO support routines:DSO_load:could not load the shared library:dso_lib.c:244:
139890995726016:error:0E07506E:configuration file routines:MODULE_LOAD_DSO:error loading dso:conf_mod.c:285:module=ssl_conf, path=ssl_conf
139890995726016:error:0E076071:configuration file routines:MODULE_RUN:unknown module name:conf_mod.c:222:module=ssl_conf
fatal: Could not read from remote repository.
The bigger problem is I now cannot ssh into my server.
What can I do? Please help!
Is the server lost?
This is the SSL relevant apt-upgrade section:
The following packages will be upgraded:
libapache2-mod-php7.0 libssl-dev libssl-doc libssl1.1 openssl php7.0
php7.0-cli php7.0-common php7.0-curl php7.0-json php7.0-mysql php7.0-opcache
php7.0-readline php7.0-xml php7.0-zip php7.1-cli php7.1-common php7.1-json
php7.1-opcache php7.1-readline php7.1-xml php7.2-cli php7.2-common
php7.2-json php7.2-opcache php7.2-readline php7.2-xml php7.2-zip tzdata
29 upgraded, 0 newly installed, 0 to remove and 0 not upgraded.
Need to get 14.8 MB of archives.
After this operation, 1,871 kB of additional disk space will be used.
Get:1 http://ppa.launchpad.net/ondrej/apache2/ubuntu/ trusty/main libssl-doc all 1.1.1-1+ubuntu14.04.1+deb.sury.org+0.1 [1,736 kB]
Get:2 http://mirrors.digitalocean.com/ubuntu/ trusty-updates/main tzdata all 2018f-0ubuntu0.14.04 [165 kB]
Get:3 http://ppa.launchpad.net/ondrej/apache2/ubuntu/ trusty/main libssl-dev amd64 1.1.1-1+ubuntu14.04.1+deb.sury.org+0.1 [1,769 kB]
Get:4 http://ppa.launchpad.net/ondrej/apache2/ubuntu/ trusty/main libssl1.1 amd64 1.1.1-1+ubuntu14.04.1+deb.sury.org+0.1 [1,490 kB]
Get:5 http://ppa.launchpad.net/ondrej/php/ubuntu/ trusty/main libapache2-mod-php7.0 amd64 7.0.32-3+ubuntu14.04.1+deb.sury.org+1 [1,195 kB]
Get:6 http://ppa.launchpad.net/ondrej/php/ubuntu/ trusty/main php7.0-cli amd64 7.0.32-3+ubuntu14.04.1+deb.sury.org+1 [1,254 kB]
Get:7 http://ppa.launchpad.net/ondrej/php/ubuntu/ trusty/main php7.0-common amd64 7.0.32-3+ubuntu14.04.1+deb.sury.org+1 [881 kB]
Get:8 http://ppa.launchpad.net/ondrej/php/ubuntu/ trusty/main php7.0-json amd64 7.0.32-3+ubuntu14.04.1+deb.sury.org+1 [17.2 kB]
Get:9 http://ppa.launchpad.net/ondrej/php/ubuntu/ trusty/main php7.0-opcache amd64 7.0.32-3+ubuntu14.04.1+deb.sury.org+1 [77.5 kB]
Get:10 http://ppa.launchpad.net/ondrej/php/ubuntu/ trusty/main php7.0-readline amd64 7.0.32-3+ubuntu14.04.1+deb.sury.org+1 [12.3 kB]
Get:11 http://ppa.launchpad.net/ondrej/apache2/ubuntu/ trusty/main openssl amd64 1.1.1-1+ubuntu14.04.1+deb.sury.org+0.1 [820 kB]
These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.
Not solved but cannot edit anymore: it appears the new packages are buggy (updated on the Sury repository 14 hours ago). Downgrading openssl and libssl1.1 to previous versions returned git to fucntion, still no ssh.
$ openssl version
OpenSSL 1.1.1 11 Sep 2018
$ sudo apt install openssl=1.1.0h-2.0+ubuntu14.04.1+deb.sury.org+1
$ openssl version
=> OpenSSL 1.1.0h 27 Mar 2018 (Library: OpenSSL 1.1.1 11 Sep 2018)
This fixed git.
edit:
Downgrading everything openssl-related and restarting SSH solves the issue.
In case someone lands here, all the previous versions of packages are logged in /var/log/apt/history.log
libssl1.1:amd64 (1.1.0h-2.0+ubuntu14.04.1+deb.sury.org+1, 1.1.1-1+ubuntu14.04.1+deb.sury.org+0.1)
libssl-dev:amd64 (1.1.0h-2.0+ubuntu14.04.1+deb.sury.org+1, 1.1.1-1+ubuntu14.04.1+deb.sury.org+0.1)
libssl-doc:amd64 (1.1.0h-2.0+ubuntu14.04.1+deb.sury.org+1, 1.1.1-1+ubuntu14.04.1+deb.sury.org+0.1)
openssl:amd64 (1.1.0h-2.0+ubuntu14.04.1+deb.sury.org+1, 1.1.1-1+ubuntu14.04.1+deb.sury.org+0.1)
and then sudo service ssh restart
Correct open ports:
$ netstat -tlpn
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN -
tcp 0 0 127.0.0.1:25 0.0.0.0:* LISTEN -
tcp 0 0 127.0.0.1:3306 0.0.0.0:* LISTEN -
tcp 0 0 127.0.0.1:11211 0.0.0.0:* LISTEN -
tcp6 0 0 :::80 :::* LISTEN -
tcp6 0 0 :::22 :::* LISTEN -
tcp6 0 0 ::1:25 :::* LISTEN -
tcp6 0 0 :::443 :::* LISTEN -
This comment has been deleted
I’ve got error trying to execute:
I had to run first:
Then I downgrade openssl to 1.0.1f-1ubuntu2.26 running the following command:
Finally:
:)
we have to wait for the new corrected package…
Corrected packages are up.
Broken:
1.1.1-1+ubuntu14.04.1+deb.sury.org+1Current:
1.1.1-1+ubuntu14.04.1+deb.sury.org+2This is definitely an issue with open ssl 1.1.1 I am getting exactly the same issue on 14.04.1 after a apt dist-upgrade
Cannot roll back as the old version is no longer available in the packages.
Can we please get the old version (1.1.0h) be available so we can downgrade?
I mean, I am still logged in with that session it didn’t kick me out. I just don’t understand what happened and how to restore my SSH access. The server needs to be managed, it is used by a business.
That does not solve the problem.
Did you try using the console from the control panel to access your server? https://www.digitalocean.com/docs/droplets/how-to/connect-with-console/