A fix for bug #2080216 is not released for noble because of this bug.
Let's do something please because bug #2080216 is quite serious,
confirmed and the fix worked for everyone except the reporter of this
bug, and probably this bug is not even related to the fix.
--
You received this bug notifica
** Changed in: openssh (Ubuntu)
Status: Expired => Incomplete
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/2087551
Title:
OpenSSH server config broken on unattended update
To manage notific
[Expired for openssh (Ubuntu) because there has been no activity for 60
days.]
** Changed in: openssh (Ubuntu)
Status: Incomplete => Expired
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/208755
I tried many other things to reproduce this bug:
- looks like the reporter had this happen in a Digital Ocean VM. I tried that
too, going through the openssh upgrades all the way to 13.7, changing the port
to 2240, and it just worked
- tried ipv4 and ipv6
- then noted I was doing this all via ss
Is there any chance that the people affected by this bug perhaps had an
upgrade policy such that the new config file shipped with openssh-server
would be taken as-is, instead of keeping the local changes?
If you changed the port, and then the upgrade was allowed to install the
new config file (bec
Also, can you all try to restore socket activation, and see if the
problem persists? You can restore socket activation by running:
# This removes the symlink to mask the generator, if needed.
$ rm -f /etc/systemd/system-generators/sshd-socket-generator
$ systemctl daemon-reload
$ systemctl disable
Chris, Kevin, John, or anyone else affected:
Is it possible that you changed your sshd_config without actually
reloading and restarting ssh.socket, a while (hours, days, etc.) before
the upgrade occurred? I am wondering if it's possible that the
configuration was already broken by a local change,
Thanks, John. That all looks normal.
Can you share the relevant parts of your configuration? I.e.:
sshd -T | grep -E '^port|^listenaddress|^addressfamily'
Again, the specific values are not so important, but I would like to
know if they differ from the defaults. Is there any thing else special
a
I had this happen to me as well as the original poster. I also disabled
socket authentication using the steps from the thread attached by the
original poster to get access to the server again via SSH. Here is the
unattended-upgrades log:
Log started: 2024-11-09 06:52:08
Preconfiguring packages ..
** Tags removed: rls-nn-incoming
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/2087551
Title:
OpenSSH server config broken on unattended update
To manage notifications about this bug go to:
https:/
Chris and Kevin (or anyone else affected) - Can you please attach the
logs in /var/log/unattended-upgrades/? Maybe they will give a clue to
anything unusual that happened during the upgrade itself.
** Tags added: rls-nn-incoming
--
You received this bug notification because you are a member of U
Thanks for the suggestion Andreas. I have tested some scenarios like
that and still cannot reproduce.
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/2087551
Title:
OpenSSH server config broken on una
I would also throw in some testing around address families, ipv4/ipv6,
maybe there is a regression in
https://bugs.launchpad.net/ubuntu/+source/openssh/+bug/2080216
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad
Okay, thanks for following up.
If anyone finds a way to reliably reproduce this, please let me know. So
far I have tried:
- adding a custom port (both directly in /etc/ssh/sshd_config, and using
/etc/ssh/sshd_config.d/port.conf)
- upgrading openssh-server (both manually, and by running unattende
Nick-
We had the same config as OP on his first report.
We did what OP did by rolling back to the non-socket based SSH. We have our
connections back on 22. There were zero errors in the logs to report, and when
we were originally trying to ssh with --verbose the only message shown was
"connect
Kevin - can you provide any additional information about what's not
working? If you otherwise have access to the server, are ssh.service or
ssh.socket reporting errors?
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launc
I just wanted to add to this thread that I experienced the same issue
after our server performed the unattended update of openssh-server from
1:9.6p1-3ubuntu13.5 to 1:9.6p1-3ubuntu13.7. We had a custom port for
SSH, and our attempts to switch back to default so far have been
fruitless.
--
You rec
> Sorry I can't be more help.
No worries. Thanks for all the information you provided.
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/2087551
Title:
OpenSSH server config broken on unattended update
> If you are able to find some error in the journal, or evidence that
ssh.socket was listening on the wrong port etc., please share it.
Sorry I have nothing, just know that it was refusing connection, and
that trying to start sshd manually with `systemctl start ssh.service`
didn't work even though
> but with a different configuration than I had earlier
Different in what way?
I am glad this restored socket-activation for you. I am not sure how to
further investigate the bug. If you are able to find some error in the
journal, or evidence that ssh.socket was listening on the wrong port
etc.,
I've reverted the update, 13.7 got removed from noble-updates, 13.5 put
back
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/2087551
Title:
OpenSSH server config broken on unattended update
To manage
Thanks.
This has restored socket-based activation, but with a different
configuration than I had earlier, and has not reproduced the problem.
I've confirmed that this really is socket-based activation by stopping
the ssh service in the recovery console, confirming sshd is dead, and
reconnecting,
No problem. You should be able to restore socket activation with:
# This removes the symlink to mask the generator, if needed.
$ rm -f /etc/systemd/system-generators/sshd-socket-generator
$ systemctl daemon-reload
$ systemctl disable --now ssh.service
$ systemctl enable --now ssh.socket
--
You r
And in case it was missed: /etc/ssh/sshd_config.d/ is empty.
I can try breaking ssh again to reproduce, but I don't know sockets too
well, could you point me to some info on how to enable this? I tried
looking and can only find instructions to go the other way, apologies!
--
You received this b
Update was at 6:48 local time today.
journalctl -u ssh.socket shows the socket deactivated and came back, no
more activity until I started trying to fix things at 8:13:
Nov 08 06:48:27 www-veltas systemd[1]: ssh.socket: Deactivated successfully.
Nov 08 06:48:27 www-veltas systemd[1]: Closed ssh.s
This is shown corresponding to that unattended update with -u
ssh.service:
Nov 08 06:48:27 www-veltas sshd[1102]: Received signal 15; terminating.
Nov 08 06:48:27 www-veltas systemd[1]: Stopping ssh.service - OpenBSD Secure
Shell server...
Nov 08 06:48:27 www-veltas systemd[1]: ssh.service: Deact
So far I cannot reproduce anything like you are describing. Any other
logs from ssh.service and ssh.socket would be helpful.
Since it appears you have another way to gain shell access besides ssh,
are you able to test if the problem persists if you attempt to restore
the socket activation configur
Okay - nothing in /etc/ssh/sshd_config.d/? You just have a non-default
port configured?
Was ssh.socket failing to start after the upgrade? E.g. does journalctl
-u ssh.socket show errors around that time (or ssh.service for that
matter)?
--
You received this bug notification because you are a mem
/etc/ssh/sshd_config.d/ is empty
As I've said, my config is working after following the linked steps, but
unfortunately that means I don't have the systemd socket configuration
files anymore.
I'm hoping the fact that this specific update seemed to stop my ssh
service can help narrow this down.
-
# This is the sshd server system-wide configuration file. See
# sshd_config(5) for more information.
# This sshd was compiled with
PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/games
# The strategy used for options in the default sshd_config shipped with
# OpenSSH is to
Could you please share at least the relevant parts of your sshd_config?
Anything that configures Port, ListenAddress, or AddressFamily? Feel
free to modify the actual port and listen address values of course; I
just need to know where you are using non-default configuration.
** Changed in: openssh
** Tags added: regression-update
** Changed in: openssh (Ubuntu)
Importance: Undecided => Critical
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/2087551
Title:
OpenSSH server config broken on un
32 matches
Mail list logo
