sshd -t check failed when sshd not running
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
openssh (Ubuntu) | Invalid | Undecided | Unassigned | | |
Bug Description
After stopping the ssh service, the sshd -t check fails and an error is reported: "Missing privilege separation directory: /run/sshd", but when there is an invalid configuration in sshd_config, the check works properly.
cat /etc/os-release
PRETTY_NAME="Ubuntu 24.04.2 LTS"
NAME="Ubuntu"
VERSION_ID="24.04"
VERSION="24.04.2 LTS (Noble Numbat)"
VERSION_
ID=ubuntu
ID_LIKE=debian
HOME_URL="https:/
SUPPORT_URL="https:/
BUG_REPORT_URL="https:/
PRIVACY_
UBUNTU_
LOGO=ubuntu-logo
systemctl stop ssh
sshd -t
Missing privilege separation directory: /run/sshd
echo "invalid_test" >> /etc/ssh/
sshd -t
/etc/ssh/
/etc/ssh/
Hello, @jinkangkang, thanks for reaching out and reporting this.
This is the expected behavior for sshd.
If your configuration is not correct, the command will state it as it should.
If your configuration is correct, no config errors are shown, as sshd is able to parse the config file. Then, after that, it says the privilege separation directory is not there, not exactly because you are not running the daemon, but because you are running sshd as root. The root user (or Kerberos authenticated user) needs the dir to be present to be able to run sshd - you can check that, running as root, this error happens even without the -t flag.
If your configuration is correct and you run sshd -t as a non-root user, it should work without complaining about the directory.
I am closing this bug as invalid, but please feel free to reopen and add context if you think something in this flow is wrong.
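For automation that validates sshd_config before a reload, the two outcomes discussed in this thread can be told apart by the message sshd prints. The wrapper below is an added example, not part of the bug report or of OpenSSH; the `SSHD_BIN` variable, the function name and the return codes are assumptions of this example.

```shell
#!/bin/sh
# Added example: classify the result of `sshd -t` so a script can tell a
# configuration error from the missing-directory case described above.
# SSHD_BIN is an assumption of this example; it lets the check be pointed
# at a different sshd binary or at a test stub.
SSHD_BIN="${SSHD_BIN:-/usr/sbin/sshd}"

# Prints one of: ok | privsep-dir-missing | config-error
# Returns 0 for ok, 2 for privsep-dir-missing, 1 for config-error.
# Extra arguments (for example -f <file>) are passed through to sshd.
check_sshd_config() {
    # The && / || form keeps the function usable under `set -e`.
    out=$("$SSHD_BIN" -t "$@" 2>&1) && rc=0 || rc=$?
    if [ "$rc" -eq 0 ]; then
        echo ok
        return 0
    fi
    case $out in
        *"Missing privilege separation directory"*)
            # Per the reply above: no config errors were shown, so the
            # file parsed; the directory sshd needs as root is absent.
            echo privsep-dir-missing
            return 2
            ;;
        *)
            # Any other failure is reported as a configuration problem;
            # sshd's own message is passed through on stderr.
            printf '%s\n' "$out" >&2
            echo config-error
            return 1
            ;;
    esac
}
```

A caller can treat return code 2 as an environment problem to fix (the directory) rather than rejecting the configuration change.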