> rescue-ssh.target is a disabled or a static unit not running, not starting it.
Not really a complaint, just informational.
> But I think the underlying issue is that ssh is already on, and I'm logged in via it.
> And that makes the service restart of the ssh socket which was added break.
I recall that I did test this case without problem. sshd in general doesn't fail if there are open connections and you restart it, because it properly configures its sockets with SO_REUSEADDR.
To debug this I would really want to see what process is holding that port; but as you've rebooted, that's not really possible to see now. If you ever reproduce it on another instance, please grab the output of fuser -n tcp 22 or equivalent! If we failed to stop the ssh.service, we want to see why.
> One thing though, I have not upgraded with do-release-upgrade - would we
> / do we have magic there to make the ssh socket activation transition smoother?
No, this is all supposed to be handled cleanly with the package maintainer scripts alone.
> rescue-ssh.target is a disabled or a static unit not running, not starting it.
Not really a complaint, just informational.
> But I think the underlying issue is that ssh is already on, and I'm logged in via it.
> And that makes the service restart of the ssh socket which was added break.
I recall that I did test this case without problem. sshd in general doesn't fail if there are open connections and you restart it, because it properly configures its sockets with SO_REUSEADDR.
To debug this I would really want to see what process is holding that port; but as you've rebooted, that's not really possible to see now. If you ever reproduce it on another instance, please grab the output of fuser -n tcp 22 or equivalent! If we failed to stop the ssh.service, we want to see why.
> One thing though, I have not upgraded with do-release-upgrade - would we
> / do we have magic there to make the ssh socket activation transition smoother?
No, this is all supposed to be handled cleanly with the package maintainer scripts alone.