Thank you for taking the time to report this bug and helping to make
Ubuntu better.

It sounds like the actual bug you're reporting is:

> When this happens, other sshd services will fault since the privileged
> separation directory is no longer there.

Please could you provide exact steps to reproduce your "will fault"
prediction? Once done, please change the bug status back to New. I'd
appreciate the usual "steps to reproduce/expected behaviour/actual
behaviour" clearly laid out please.

As this is an unusual end-user configuration, I'm marking Importance:
Low based on our definitions at https://wiki.ubuntu.com/Bugs/Importance.
Please note that this means that after you do reply and assuming that we
do agree that the actual behaviour is a bug, I expect that a bug report
to Debian will be required but no further action will take place in
Ubuntu, save for the possibility of patches to stable releases if a fix
does land in the development release via Debian and the patch meets our
stable update requirements. I expect that if the fix is to sshd@.service
then a local workaround will be trivially possible by overriding that
service definition.

** Changed in: openssh (Ubuntu)
       Status: New => Incomplete

** Changed in: openssh (Ubuntu)
   Importance: Undecided => Low

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to openssh in Ubuntu.
https://bugs.launchpad.net/bugs/1834128

Title:
  Multiple sshd services cannot be executed

Status in openssh package in Ubuntu:
  Incomplete

Bug description:
  OpenSSH 7.6p1
  Ubuntu 18.04.2 (LTS) (Bionic)

  See also Ticket #1831765, #1690485, and #1832110 regarding the path of
  the privilege separation directory (aka: /run/sshd).

  The current Debian installer sets the RuntimeDirectory=sshd (i.e.
  /run/sshd) in sshd.service (i.e. /lib/systemd/system/sshd.service) and
  sshd@.service (i.e. /lib/systemd/system/sshd@.service). This is not
  the best means of implementing this service. The problem is that
  systemd deletes the RuntimeDirectory resource as soon as the service
  is stopped. When this happens, other sshd services will fault since
  the privileged separation directory is no longer there. We need to
  modify the configuration as follows:

  1) Create /usr/lib/tmpfiles.d/sshd.conf that defines the /run/sshd
     directory with root:root as the owner and the protection of 0755.
  2) Change the assignment of the RuntimeDirectory in sshd.service to
     something other than sshd (i.e. /run/sshd).
  3) Change the assignment of the RuntimeDirectory in sshd@.service to
     something other than sshd (i.e. /run/sshd).

  Both OpenSSH and Ubuntu have declined to provision a means of
  adjusting the Privilege Separation directory. Since both teams do not
  want to address this, we need to have a means of implementing multiple
  instance sshd invocation using systemd and avoiding using the
  RuntimeDirectory assignment of /run/sshd.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/openssh/+bug/1834128/+subscriptions
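
The three changes listed in the bug description, staged as local overrides under a scratch prefix so they can be reviewed before installation (an added example, not part of the bug report or of the openssh package). The unit names follow the report; the /etc override paths, the replacement directory names sshd-main and sshd-inst, and the function names are assumptions.

```shell
#!/bin/sh
# Added example. Writes the proposed configuration beneath a prefix directory
# instead of the live system; copy the files into place as root afterwards,
# then run `systemd-tmpfiles --create` and `systemctl daemon-reload`.

# Hypothetical names: the report only asks for "something other than sshd".
MAIN_RUNDIR="sshd-main"
INST_RUNDIR="sshd-inst"

stage_sshd_overrides() {
    root="${1%/}"

    # Step 1: tmpfiles.d entry so /run/sshd exists as root:root 0755 and is
    # not tied to the start/stop lifecycle of any single unit.
    mkdir -p "$root/etc/tmpfiles.d"
    printf 'd /run/sshd 0755 root root -\n' > "$root/etc/tmpfiles.d/sshd.conf"

    # Steps 2 and 3: one drop-in per unit. RuntimeDirectory= is a list
    # setting, so an empty assignment is written first to clear the packaged
    # value "sshd"; without it the new name would be added alongside it.
    for pair in "sshd.service:$MAIN_RUNDIR" "sshd@.service:$INST_RUNDIR"; do
        unit="${pair%%:*}"
        rundir="${pair##*:}"
        dir="$root/etc/systemd/system/$unit.d"
        mkdir -p "$dir"
        {
            echo '[Service]'
            echo 'RuntimeDirectory='
            echo "RuntimeDirectory=$rundir"
        } > "$dir/override.conf"
    done
}

# Succeeds only if no staged drop-in still assigns RuntimeDirectory=sshd,
# i.e. no unit would remove /run/sshd when it stops.
check_sshd_overrides() {
    root="${1%/}"
    ! grep -rqx 'RuntimeDirectory=sshd' "$root/etc/systemd/system"
}

# Runs only when STAGE_ROOT is set, e.g. STAGE_ROOT=/tmp/sshd-stage sh this-file
if [ -n "${STAGE_ROOT:-}" ]; then
    stage_sshd_overrides "$STAGE_ROOT"
    check_sshd_overrides "$STAGE_ROOT"
fi
```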
