I ran this from a container image running under LXC, so perhaps that's
the confusion of jammy vs kinetic.

Welcome to Ubuntu 22.04.1 LTS (GNU/Linux 5.15.53-1-pve x86_64)

(From motd)

While yes, this "solution" I did will in fact get wiped on upgrade, it
was done as a troubleshooting step, to figure out if this was, in fact,
the issue.

However, listening on all interfaces, as a default, may be fine,
however, this is managed via the sshd config.  Otherwise, we are left
with 2 places to configure a service, that already has a very
comprehensive configuration file, all of its own
(/etc/ssh/sshd_config).

If the sshd config is modified, it should trigger re-creation of the
pertinent socket, or all configuration of sshd should be within its
unit file, and not in another configuration file.

A more sane default would be "Listen only on the interfaces the service
has requested", not "Listen on all interfaces, regardless of what the
configuration file specifies" I would think?  Or "Listen only on
interfaces that have been requested".

Prior to socket activation, openssh only listens on interfaces specified
in its config file, which does default to all families, all interfaces,
unless it's specified.  Then, it listens only where it is told to do so
(As indicated in the attached sshd conf).

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to openssh in Ubuntu.
https://bugs.launchpad.net/bugs/1991566

Title:
  Package creates a socket file for all addresses of all families, even
  when bind to a single address

Status in openssh package in Ubuntu:
  Incomplete

Bug description:
  I am configuring OpenSSH to listen only on ipv4 and only on one
  interface and one address, with nginx listening on 22 on the other
  interface, and families.

  In order to make this happen, I had to "break" the socket file
  installed by the package at:

  /etc/systemd/system/sockets.target.wants/ssh.socket

  To read as follows:

  [Unit]
  Description=OpenBSD Secure Shell server socket
  Before=ssh.service
  Conflicts=ssh.service
  ConditionPathExists=!/etc/ssh/sshd_not_to_be_run

  #[Socket]
  #ListenStream=22
  #Accept=yes

  #[Install]
  #WantedBy=sockets.target

  (Commented out the lines that installed the socket)

  Then a daemon-reload, and restart of nginx, and all components of the
  solution are working as required.

  ProblemType: Bug
  DistroRelease: Ubuntu 22.04
  Package: openssh-server 1:8.9p1-3 [modified: lib/systemd/system/ssh.socket]
  ProcVersionSignature:
   
  Uname: Linux 5.15.53-1-pve x86_64
  ApportVersion: 2.20.11-0ubuntu82.1
  Architecture: amd64
  CasperMD5CheckResult: unknown
  Date: Mon Oct  3 16:36:37 2022
  ProcEnviron:
   TERM=linux
   PATH=(custom, no user)
   LANG=C
   SHELL=/bin/bash
  SourcePackage: openssh
  UpgradeStatus: No upgrade log present (probably fresh install)

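The mismatch discussed in this report can be checked mechanically. The following is an added example, not code from the bug thread or from the openssh package: it compares the addresses sshd_config asks for against the ListenStream= entries of a socket unit. The function names and sample inputs are hypothetical and constructed, a drop-in is modelled by appending its text to the packaged unit, and AddressFamily and BindIPv6Only are not modelled.

```python
import re

# Constructed sample inputs; 192.0.2.10 is a documentation address.
SSHD_CONFIG = "Port 22\nAddressFamily inet\nListenAddress 192.0.2.10\n"
PACKAGED_UNIT = "[Socket]\nListenStream=22\nAccept=yes\n"
DROP_IN = "[Socket]\nListenStream=\nListenStream=192.0.2.10:22\n"

def split_hostport(value):
    """Split 'host', 'host:port' or '[addr]:port'; port is None when absent."""
    m = re.fullmatch(r"\[(.+)\](?::(\d+))?|([^:]+):(\d+)", value)
    host, port = (m[1] or m[3], m[2] or m[4]) if m else (value, None)
    return host, int(port) if port else None

def sshd_listeners(text):
    """(host, port) pairs sshd would bind itself; host '*' = every address."""
    ports, addrs = [], []
    for parts in (l.split("#", 1)[0].split() for l in text.splitlines()):
        key = parts[0].lower() if len(parts) > 1 else ""
        if key == "match":  # Port/ListenAddress are not valid inside Match
            break
        if key == "port":
            ports.append(int(parts[1]))
        elif key == "listenaddress":
            addrs.append(split_hostport(parts[1]))
    return {(h, q) for h, p in addrs or [("*", None)]
            for q in ([p] if p else ports or [22])}  # 22 is sshd's default

def socket_listeners(text):
    """(host, port) pairs from ListenStream= in the unit's [Socket] section."""
    found, section = [], ""
    for line in (l.strip() for l in text.splitlines()):
        key, _, val = (s.strip() for s in line.partition("="))
        if line.startswith("["):
            section = line
        elif section != "[Socket]" or key != "ListenStream":
            continue  # also skips commented lines such as '#ListenStream=22'
        elif not val:
            found.clear()  # an empty assignment resets the list
        elif val.isdigit():
            found.append(("*", int(val)))  # bare port: every address
        elif not val.startswith(("/", "@")):  # ignore AF_UNIX sockets
            found.append(split_hostport(val))
    return set(found)

def wider_than_sshd(sshd_text, unit_text):
    """ListenStream binds that sshd_config did not ask for."""
    want = sshd_listeners(sshd_text)
    return sorted(b for b in socket_listeners(unit_text)
                  if b not in want and ("*", b[1]) not in want)
```

With the packaged unit alone the check reports the wildcard bind on port 22; with the drop-in text appended (an empty `ListenStream=` followed by the specific address) it reports nothing, and that form is not overwritten when the package is upgraded.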