openssh-server should ship a systemd generator to generate ssh socket port configuration from sshd_config
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
openssh (Ubuntu) |
Fix Released
|
High
|
Unassigned |
Bug Description
A criticism of the existing sshd socket activation implementation is that Port/ListenAddress options are migrated on a one-time basis at package upgrade time, and afterwards users get the surprising behavior that Port/ListenAddress settings added to sshd_config are ignored.
A systemd generator could be used to change the ssh socket unit configuration on boot, and on each change of /etc/ssh/
ssh.socket:
[Unit]
Wants=sshd-
#
# Note the below defaults are cleared and overriden by
# /lib/systemd/
# based on the sshd config from the sshd -T output
#
ListenStream=
ListenStream=
diff --git a/systemd/
new file mode 100644
index 000000000.
--- /dev/null
+++ b/systemd/
@@ -0,0 +1,4 @@
+[Unit]
+ConditionPathE
+[Path]
+PathChanged=
diff --git a/systemd/
new file mode 100644
index 000000000.
--- /dev/null
+++ b/systemd/
@@ -0,0 +1,5 @@
+[Unit]
+Description=
+
+[Service]
+ExecStart=
diff --git a/systemd/
new file mode 100755
index 000000000.
--- /dev/null
+++ b/systemd/
@@ -0,0 +1,10 @@
+#!/bin/sh
+set -eu
+mkdir -p /run/sshd
+sshd -t
+mkdir -p $1/ssh.socket.d
+target=
+echo '[Socket]' > $target
+echo 'ListenStream=' >> $target
+sshd -T | sed -n 's/^listenaddress /ListenStream=/p' >> $target
+rmdir --ignore-
Changed in openssh (Ubuntu): | |
status: | Confirmed → Triaged |
importance: | Undecided → High |
tags: | added: ssh-socket-activation |
Status changed to 'Confirmed' because the bug affects multiple users.