Question

Ubuntu 14 - SSH stopped working after updating openssl

I ran the usual update sequence of apt update && apt upgrade && apt-dist upgrade and right after that my script has a routine that makes a git pull and then backs its runtime logs up by pushing to git, and that right from that update stopped working with error:

139890995726016:error:25066067:DSO support routines:DLFCN_LOAD:could not load the shared library:dso_dlfcn.c:185:filename(libssl_conf.so): libssl_conf.so: cannot open shared object file: No such file or directory
139890995726016:error:25070067:DSO support routines:DSO_load:could not load the shared library:dso_lib.c:244:
139890995726016:error:0E07506E:configuration file routines:MODULE_LOAD_DSO:error loading dso:conf_mod.c:285:module=ssl_conf, path=ssl_conf
139890995726016:error:0E076071:configuration file routines:MODULE_RUN:unknown module name:conf_mod.c:222:module=ssl_conf
fatal: Could not read from remote repository.

The bigger problem is I now cannot ssh into my server.

What can I do? Please help!

Is the server lost?

This is the SSL relevant apt-upgrade section:

The following packages will be upgraded:
  libapache2-mod-php7.0 libssl-dev libssl-doc libssl1.1 openssl php7.0
  php7.0-cli php7.0-common php7.0-curl php7.0-json php7.0-mysql php7.0-opcache
  php7.0-readline php7.0-xml php7.0-zip php7.1-cli php7.1-common php7.1-json
  php7.1-opcache php7.1-readline php7.1-xml php7.2-cli php7.2-common
  php7.2-json php7.2-opcache php7.2-readline php7.2-xml php7.2-zip tzdata
29 upgraded, 0 newly installed, 0 to remove and 0 not upgraded.
Need to get 14.8 MB of archives.
After this operation, 1,871 kB of additional disk space will be used.
Get:1 http://ppa.launchpad.net/ondrej/apache2/ubuntu/ trusty/main libssl-doc all 1.1.1-1+ubuntu14.04.1+deb.sury.org+0.1 [1,736 kB]
Get:2 http://mirrors.digitalocean.com/ubuntu/ trusty-updates/main tzdata all 2018f-0ubuntu0.14.04 [165 kB]
Get:3 http://ppa.launchpad.net/ondrej/apache2/ubuntu/ trusty/main libssl-dev amd64 1.1.1-1+ubuntu14.04.1+deb.sury.org+0.1 [1,769 kB]
Get:4 http://ppa.launchpad.net/ondrej/apache2/ubuntu/ trusty/main libssl1.1 amd64 1.1.1-1+ubuntu14.04.1+deb.sury.org+0.1 [1,490 kB]
Get:5 http://ppa.launchpad.net/ondrej/php/ubuntu/ trusty/main libapache2-mod-php7.0 amd64 7.0.32-3+ubuntu14.04.1+deb.sury.org+1 [1,195 kB]
Get:6 http://ppa.launchpad.net/ondrej/php/ubuntu/ trusty/main php7.0-cli amd64 7.0.32-3+ubuntu14.04.1+deb.sury.org+1 [1,254 kB]
Get:7 http://ppa.launchpad.net/ondrej/php/ubuntu/ trusty/main php7.0-common amd64 7.0.32-3+ubuntu14.04.1+deb.sury.org+1 [881 kB]
Get:8 http://ppa.launchpad.net/ondrej/php/ubuntu/ trusty/main php7.0-json amd64 7.0.32-3+ubuntu14.04.1+deb.sury.org+1 [17.2 kB]
Get:9 http://ppa.launchpad.net/ondrej/php/ubuntu/ trusty/main php7.0-opcache amd64 7.0.32-3+ubuntu14.04.1+deb.sury.org+1 [77.5 kB]
Get:10 http://ppa.launchpad.net/ondrej/php/ubuntu/ trusty/main php7.0-readline amd64 7.0.32-3+ubuntu14.04.1+deb.sury.org+1 [12.3 kB]
Get:11 http://ppa.launchpad.net/ondrej/apache2/ubuntu/ trusty/main openssl amd64 1.1.1-1+ubuntu14.04.1+deb.sury.org+0.1 [820 kB]
Show comments
Submit an answer


This textbox defaults to using Markdown to format your answer.

You can type !ref in this text area to quickly search our full set of tutorials, documentation & marketplace offerings and insert the link!

Sign In or Sign Up to Answer

These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.

janaaaf27128f096c7b47fa0f7October 28, 2018
Accepted Answer

Not solved but cannot edit anymore: it appears the new packages are buggy (updated on the Sury repository 14 hours ago). Downgrading openssl and libssl1.1 to previous versions returned git to fucntion, still no ssh.

$ openssl version
OpenSSL 1.1.1  11 Sep 2018
$ sudo apt install openssl=1.1.0h-2.0+ubuntu14.04.1+deb.sury.org+1
$ openssl version
=> OpenSSL 1.1.0h  27 Mar 2018 (Library: OpenSSL 1.1.1  11 Sep 2018)
This fixed git.

edit:

Downgrading everything openssl-related and restarting SSH solves the issue.

In case someone lands here, all the previous versions of packages are logged in /var/log/apt/history.log

libssl1.1:amd64 (1.1.0h-2.0+ubuntu14.04.1+deb.sury.org+1, 1.1.1-1+ubuntu14.04.1+deb.sury.org+0.1)
libssl-dev:amd64 (1.1.0h-2.0+ubuntu14.04.1+deb.sury.org+1, 1.1.1-1+ubuntu14.04.1+deb.sury.org+0.1)
libssl-doc:amd64 (1.1.0h-2.0+ubuntu14.04.1+deb.sury.org+1, 1.1.1-1+ubuntu14.04.1+deb.sury.org+0.1)
openssl:amd64 (1.1.0h-2.0+ubuntu14.04.1+deb.sury.org+1, 1.1.1-1+ubuntu14.04.1+deb.sury.org+0.1)

and then sudo service ssh restart

Correct open ports:

$ netstat -tlpn
Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name
tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN      -
tcp        0      0 127.0.0.1:25            0.0.0.0:*               LISTEN      -
tcp        0      0 127.0.0.1:3306          0.0.0.0:*               LISTEN      -
tcp        0      0 127.0.0.1:11211         0.0.0.0:*               LISTEN      -
tcp6       0      0 :::80                   :::*                    LISTEN      -
tcp6       0      0 :::22                   :::*                    LISTEN      -
tcp6       0      0 ::1:25                  :::*                    LISTEN      -
tcp6       0      0 :::443                  :::*                    LISTEN      -
Tarek FadelOctober 28, 2018

This comment has been deleted

    Try DigitalOcean for free

    Click below to sign up and get $200 of credit to try our products over 60 days!

    Sign up

    card icon
    Get our biweekly newsletter

    Sign up for Infrastructure as a Newsletter.

    Sign up
    card icon
    Hollie's Hub for Good

    Working on improving health and education, reducing inequality, and spurring economic growth? We’d like to help.

    Learn more
    card icon
    Become a contributor

    You get paid; we donate to tech nonprofits.

    Learn more
    Featured on Community
    Kubernetes CourseLearn Python 3Machine Learning in PythonGetting started with GoIntro to Kubernetes
    DigitalOcean Products
    CloudwaysVirtual MachinesManaged DatabasesManaged KubernetesBlock StorageObject StorageMarketplaceVPCLoad Balancers
    Welcome to the developer cloud

    DigitalOcean makes it simple to launch in the cloud and scale up as you grow – whether you’re running one virtual machine or ten thousand.

    Learn more ->
    DigitalOcean Cloud Control Panel
    Get started for free

    Enter your email to get $200 in credit for your first 60 days with DigitalOcean.

    New accounts only. By submitting your email you agree to our Privacy Policy.

    © 2023 DigitalOcean, LLC.