Ubuntu
openssh package

  1. Bug #1991199
  2. Comment #0

Comment 0 for bug 1991199

Revision history for this message
Daniel Tang (daniel-z-tg) wrote :

The automatic migration script from jammy to kinetic generates a invalid file for sshd that systemd refuses to read. Manual addition of two lines is required for a functional sshd with a custom port.

$ lsb_release -rd
Description: Ubuntu Kinetic Kudu (development branch)
Release: 22.10

$ apt-cache policy openssh-server
openssh-server:
  Installed: 1:9.0p1-1ubuntu6
  Candidate: 1:9.0p1-1ubuntu6
  Version table:
 *** 1:9.0p1-1ubuntu6 500
        500 https://gpl.savoirfairelinux.net/pub/mirrors/ubuntu kinetic/main amd64 Packages
        100 /var/lib/dpkg/status

$ apt-cache policy systemd
systemd:
  Installed: 251.4-1ubuntu6
  Candidate: 251.4-1ubuntu6
  Version table:
 *** 251.4-1ubuntu6 500
        500 https://gpl.savoirfairelinux.net/pub/mirrors/ubuntu kinetic/main amd64 Packages
        100 /var/lib/dpkg/status

# Instructions

- Configure /etc/ssh/sshd_config to port 2222 in 22.04
- Upgrade to 22.10 with sudo do-release-upgrade -d
- Accept overwriting /etc/ssh/sshd_config with the new version
- Attempt to ssh into the machine

# Expected behavior

systemd should listen on port 2222 and start sshd.

$ cat /etc/systemd/system/ssh.socket.d/addresses.conf
[Socket]
ListenStream=
ListenStream=2222

$ systemctl status ssh.socket
● ssh.socket - OpenBSD Secure Shell server socket
     Loaded: loaded (/lib/systemd/system/ssh.socket; enabled; preset: enabled)
    Drop-In: /etc/systemd/system/ssh.socket.d
             └─addresses.conf
     Active: active (running) since Thu 2022-09-29 02:08:56 EDT; 9min ago
      Until: Thu 2022-09-29 02:08:56 EDT; 9min ago
   Triggers: ● ssh.service
     Listen: [::]:2222 (Stream)
      Tasks: 0 (limit: 19047)
     Memory: 8.0K
        CPU: 923us
     CGroup: /system.slice/ssh.socket

Sep 29 02:08:56 daniel-desktop2 systemd[1]: Listening on OpenBSD Secure Shell server socket.

# Actual behavior

Port 2222 refuses any connection. Systemd fails to parse the automatically generated file:

$ systemctl status ssh.socket
● ssh.socket - OpenBSD Secure Shell server socket
     Loaded: loaded (/lib/systemd/system/ssh.socket; enabled; preset: enabled)
    Drop-In: /etc/systemd/system/ssh.socket.d
             └─addresses.conf
     Active: active (listening) since Thu 2022-09-29 01:51:57 EDT; 16min ago
      Until: Thu 2022-09-29 01:51:57 EDT; 16min ago
   Triggers: ● ssh.service
     Listen: [::]:22 (Stream)
      Tasks: 0 (limit: 19047)
     Memory: 8.0K
        CPU: 982us
     CGroup: /system.slice/ssh.socket

Sep 29 01:51:57 daniel-desktop2 systemd[1]: Listening on OpenBSD Secure Shell server socket.
Sep 29 01:56:23 daniel-desktop2 systemd[1]: /etc/systemd/system/ssh.socket.d/addresses.conf:1: Assignment outside of section. Ignoring.

$ cat /etc/systemd/system/ssh.socket.d/override.conf
ListenStream=2222

# Analysis

The migration script must be missing the `[Socket]` line and the next one. sshd works after I added those two lines manually. Either the migration script never worked or systemd changed the syntax in the meantime.