2024-06-11 11:51:51 |
teutat3s |
bug |
|
|
added bug |
2024-06-11 15:49:02 |
Steve Langasek |
tags |
|
rls-nn-incoming rls-oo-incoming |
|
2024-06-12 18:58:01 |
Sergio Durigan Junior |
openssh (Ubuntu): status |
New |
Triaged |
|
2024-06-12 21:46:51 |
Robie Basak |
bug |
|
|
added subscriber Robie Basak |
2024-06-13 15:25:41 |
Nick Rosbrook |
nominated for series |
|
Ubuntu Noble |
|
2024-06-13 15:25:41 |
Nick Rosbrook |
bug task added |
|
openssh (Ubuntu Noble) |
|
2024-06-13 15:25:58 |
Julian Andres Klode |
tags |
rls-nn-incoming rls-oo-incoming |
foundations-todo |
|
2024-06-13 15:26:24 |
Nick Rosbrook |
openssh (Ubuntu Noble): status |
New |
Triaged |
|
2024-06-13 15:26:37 |
Nick Rosbrook |
openssh (Ubuntu Noble): assignee |
|
Nick Rosbrook (enr0n) |
|
2024-06-13 15:26:39 |
Nick Rosbrook |
openssh (Ubuntu): assignee |
|
Nick Rosbrook (enr0n) |
|
2024-06-13 15:26:44 |
Nick Rosbrook |
openssh (Ubuntu): importance |
Undecided |
Medium |
|
2024-06-13 15:26:46 |
Nick Rosbrook |
openssh (Ubuntu Noble): importance |
Undecided |
Medium |
|
2024-06-18 17:52:37 |
Nick Rosbrook |
description |
Changing the Port directive in sshd_config and restarting ssh.service is without effect, sshd keeps listening to port 22.
Also mentioned in https://discourse.ubuntu.com/t/sshd-now-uses-socket-based-activation-ubuntu-22-10-and-later/30189/32
Steps to reproduce:
1. Install Ubuntu 24.04 LTS
2. Change Port directive in /etc/ssh/sshd_config to Port 2233
3. Restart ssh.service
4. Observe sshd still listening to port 22
Expected behaviour: sshd changes port to 2233
Actual behaviour: sshd keeps listening to port 22 |
[Impact]
There is currently no comment in the default /etc/ssh/sshd_config explaining that a systemctl daemon-reload is needed for changes to Port etc. to take effect when systemd socket activation is used (the default on Ubuntu).
Users may change e.g. Port in /etc/ssh/sshd_config and expect systemctl restart ssh.service to reflect the change, but this will not work.
[Test Plan]
The proposed fix here is to improve the documentation by adding a comment above the default Port setting in /etc/ssh/sshd_config. Hence, the test is to simply
install openssh-server from noble-proposed, and verify that the comment is there.
[Where problems could occur]
There is low technical risk, but we should be sure that the documentation is clear and improves the experience of users. It could be harmful if the documentation accidentally makes things worse, or is just confusing.
Also, a packaging quirk of openssh-server is that checksums of the patched sshd_config (along with certain settings tweaked) need to be recorded in debian/openssh-server.ucf-md5sum to avoid unnecessary debconf prompts on upgrades. I have updated those checksums, but if they are incorrent, then in future upgrades users might see an unnecessary debconf prompt about /etc/ssh/sshd_config.
[Original Description]
Changing the Port directive in sshd_config and restarting ssh.service is without effect, sshd keeps listening to port 22.
Also mentioned in https://discourse.ubuntu.com/t/sshd-now-uses-socket-based-activation-ubuntu-22-10-and-later/30189/32
Steps to reproduce:
1. Install Ubuntu 24.04 LTS
2. Change Port directive in /etc/ssh/sshd_config to Port 2233
3. Restart ssh.service
4. Observe sshd still listening to port 22
Expected behaviour: sshd changes port to 2233
Actual behaviour: sshd keeps listening to port 22 |
|
2024-06-18 17:53:12 |
Nick Rosbrook |
openssh (Ubuntu): status |
Triaged |
Fix Committed |
|
2024-06-18 17:55:30 |
Nick Rosbrook |
description |
[Impact]
There is currently no comment in the default /etc/ssh/sshd_config explaining that a systemctl daemon-reload is needed for changes to Port etc. to take effect when systemd socket activation is used (the default on Ubuntu).
Users may change e.g. Port in /etc/ssh/sshd_config and expect systemctl restart ssh.service to reflect the change, but this will not work.
[Test Plan]
The proposed fix here is to improve the documentation by adding a comment above the default Port setting in /etc/ssh/sshd_config. Hence, the test is to simply
install openssh-server from noble-proposed, and verify that the comment is there.
[Where problems could occur]
There is low technical risk, but we should be sure that the documentation is clear and improves the experience of users. It could be harmful if the documentation accidentally makes things worse, or is just confusing.
Also, a packaging quirk of openssh-server is that checksums of the patched sshd_config (along with certain settings tweaked) need to be recorded in debian/openssh-server.ucf-md5sum to avoid unnecessary debconf prompts on upgrades. I have updated those checksums, but if they are incorrent, then in future upgrades users might see an unnecessary debconf prompt about /etc/ssh/sshd_config.
[Original Description]
Changing the Port directive in sshd_config and restarting ssh.service is without effect, sshd keeps listening to port 22.
Also mentioned in https://discourse.ubuntu.com/t/sshd-now-uses-socket-based-activation-ubuntu-22-10-and-later/30189/32
Steps to reproduce:
1. Install Ubuntu 24.04 LTS
2. Change Port directive in /etc/ssh/sshd_config to Port 2233
3. Restart ssh.service
4. Observe sshd still listening to port 22
Expected behaviour: sshd changes port to 2233
Actual behaviour: sshd keeps listening to port 22 |
[Impact]
There is currently no comment in the default /etc/ssh/sshd_config explaining that a systemctl daemon-reload is needed for changes to Port etc. to take effect when systemd socket activation is used (the default on Ubuntu).
Users may change e.g. Port in /etc/ssh/sshd_config and expect systemctl restart ssh.service to reflect the change, but this will not work.
[Test Plan]
The proposed fix here is to improve the documentation by adding a comment above the default Port setting in /etc/ssh/sshd_config. Hence, the test is to simply install openssh-server from noble-proposed, and verify that the comment is there.
[Where problems could occur]
There is low technical risk, but we should be sure that the documentation is clear and improves the experience of users. It could be harmful if the documentation accidentally makes things worse, or is just confusing.
Also, a packaging quirk of openssh-server is that checksums of the patched sshd_config (along with certain settings tweaked) need to be recorded in debian/openssh-server.ucf-md5sum to avoid unnecessary debconf prompts on upgrades. I have updated those checksums, but if they are incorrent, then in future upgrades users might see an unnecessary debconf prompt about /etc/ssh/sshd_config.
[Original Description]
Changing the Port directive in sshd_config and restarting ssh.service is without effect, sshd keeps listening to port 22.
Also mentioned in https://discourse.ubuntu.com/t/sshd-now-uses-socket-based-activation-ubuntu-22-10-and-later/30189/32
Steps to reproduce:
1. Install Ubuntu 24.04 LTS
2. Change Port directive in /etc/ssh/sshd_config to Port 2233
3. Restart ssh.service
4. Observe sshd still listening to port 22
Expected behaviour: sshd changes port to 2233
Actual behaviour: sshd keeps listening to port 22 |
|
2024-06-18 17:56:33 |
Nick Rosbrook |
summary |
Changing Port in sshd_config and restarting ssh.service without effect |
Changing Port in sshd_config requires calling systemctl daemon-reload |
|
2024-06-18 19:51:32 |
Nick Rosbrook |
openssh (Ubuntu Noble): status |
Triaged |
In Progress |
|
2024-06-19 14:13:01 |
Nick Rosbrook |
description |
[Impact]
There is currently no comment in the default /etc/ssh/sshd_config explaining that a systemctl daemon-reload is needed for changes to Port etc. to take effect when systemd socket activation is used (the default on Ubuntu).
Users may change e.g. Port in /etc/ssh/sshd_config and expect systemctl restart ssh.service to reflect the change, but this will not work.
[Test Plan]
The proposed fix here is to improve the documentation by adding a comment above the default Port setting in /etc/ssh/sshd_config. Hence, the test is to simply install openssh-server from noble-proposed, and verify that the comment is there.
[Where problems could occur]
There is low technical risk, but we should be sure that the documentation is clear and improves the experience of users. It could be harmful if the documentation accidentally makes things worse, or is just confusing.
Also, a packaging quirk of openssh-server is that checksums of the patched sshd_config (along with certain settings tweaked) need to be recorded in debian/openssh-server.ucf-md5sum to avoid unnecessary debconf prompts on upgrades. I have updated those checksums, but if they are incorrent, then in future upgrades users might see an unnecessary debconf prompt about /etc/ssh/sshd_config.
[Original Description]
Changing the Port directive in sshd_config and restarting ssh.service is without effect, sshd keeps listening to port 22.
Also mentioned in https://discourse.ubuntu.com/t/sshd-now-uses-socket-based-activation-ubuntu-22-10-and-later/30189/32
Steps to reproduce:
1. Install Ubuntu 24.04 LTS
2. Change Port directive in /etc/ssh/sshd_config to Port 2233
3. Restart ssh.service
4. Observe sshd still listening to port 22
Expected behaviour: sshd changes port to 2233
Actual behaviour: sshd keeps listening to port 22 |
[Impact]
There is currently no comment in the default /etc/ssh/sshd_config explaining that a systemctl daemon-reload is needed for changes to Port etc. to take effect when systemd socket activation is used (the default on Ubuntu).
Users may change e.g. Port in /etc/ssh/sshd_config and expect systemctl restart ssh.service to reflect the change, but this will not work.
[Test Plan]
1. The proposed fix here is to improve the documentation by adding a comment above the default Port setting in /etc/ssh/sshd_config. Hence, the test is to simply install openssh-server from noble-proposed, and verify that the comment is there.
2. Because the patch changes the default sshd_config, and debian/openssh-server.ucf-md5sum needs to be updated when this happens, an upgrade from noble to oracular should be done after installing openssh-server from noble-proposed. If a debconf prompt is shown, then a mistake was made in recording the checksums. Otherwise, they are correct.
[Where problems could occur]
There is low technical risk, but we should be sure that the documentation is clear and improves the experience of users. It could be harmful if the documentation accidentally makes things worse, or is just confusing.
Also, a packaging quirk of openssh-server is that checksums of the patched sshd_config (along with certain settings tweaked) need to be recorded in debian/openssh-server.ucf-md5sum to avoid unnecessary debconf prompts on upgrades. I have updated those checksums, but if they are incorrent, then in future upgrades users might see an unnecessary debconf prompt about /etc/ssh/sshd_config.
[Original Description]
Changing the Port directive in sshd_config and restarting ssh.service is without effect, sshd keeps listening to port 22.
Also mentioned in https://discourse.ubuntu.com/t/sshd-now-uses-socket-based-activation-ubuntu-22-10-and-later/30189/32
Steps to reproduce:
1. Install Ubuntu 24.04 LTS
2. Change Port directive in /etc/ssh/sshd_config to Port 2233
3. Restart ssh.service
4. Observe sshd still listening to port 22
Expected behaviour: sshd changes port to 2233
Actual behaviour: sshd keeps listening to port 22 |
|
2024-06-27 17:15:29 |
Launchpad Janitor |
openssh (Ubuntu): status |
Fix Committed |
Fix Released |
|