This is probably not a bug related to ssh but to the configuration
changes introduced by Ubuntu.

** Package changed: ubuntu => openssh (Ubuntu)

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to openssh in Ubuntu.
https://bugs.launchpad.net/bugs/2020560

Title:
  ssh.service and ssh.socket both running.

Status in openssh package in Ubuntu:
  New

Bug description:
  I am running Ubuntu 23.04. The out-of-the-box configuration allows SSH
  access on port 22. I wish to have ssh listen on both ports 22 and
  7022. The ssh_config file contains a comment that Ubuntu now uses
  socket activated connections and thus ignores the Port and
  ListenAddress entries. I looked up the ssh socket activation and found
  that I needed a /etc/systemd/system/ssh.socket.d directory that
  contains a listen.conf file. I created the directory and the
  listen.conf file that contains this.

  [Socket]
  # Uncomment the following line to turn off listening on port 22.
  #ListenStream=
  ListenStream=7022

  I then ran these two commands:
  sudo systemctl daemon-reload
  sudo systemctl restart ssh

  I then checked for port listeners:
  root# lsof -i -P -n | grep LISTEN
  systemd         1            root  454u  IPv6    25979      0t0  TCP *:22 (LISTEN)
  systemd-r     638 systemd-resolve   14u  IPv4    35332      0t0  TCP 127.0.0.53:53 (LISTEN)
  systemd-r     638 systemd-resolve   16u  IPv4    35334      0t0  TCP 127.0.0.54:53 (LISTEN)
  Xtigervnc     941           moose    9u  IPv4    22485      0t0  TCP 127.0.0.1:5902 (LISTEN)
  Xtigervnc     941           moose   10u  IPv6    22486      0t0  TCP [::1]:5902 (LISTEN)
  cupsd     2258639            root    6u  IPv6 33526334      0t0  TCP [::1]:631 (LISTEN)
  cupsd     2258639            root    7u  IPv4 33526335      0t0  TCP 127.0.0.1:631 (LISTEN)
  sshd      3698765            root    3u  IPv6    25979      0t0  TCP *:22 (LISTEN)

  I then discovered that both ssh.service and ssh.socket are running:
  root@/etc/netplan# systemctl status ssh.service
  ● ssh.service - OpenBSD Secure Shell server
       Loaded: loaded (/lib/systemd/system/ssh.service; disabled; preset: enabled)
      Drop-In: /etc/systemd/system/ssh.service.d
               └─00-socket.conf
       Active: active (running) since Tue 2023-05-23 11:17:29 EDT; 36min ago
  TriggeredBy: ● ssh.socket
         Docs: man:sshd(8)
               man:sshd_config(5)
      Process: 3698763 ExecStartPre=/usr/sbin/sshd -t (code=exited, status=0/SUCCESS)
     Main PID: 3698765 (sshd)
        Tasks: 3 (limit: 38046)
       Memory: 3.6M
          CPU: 206ms
       CGroup: /system.slice/ssh.service
               ├─3698765 "sshd: /usr/sbin/sshd -D [listener] 1 of 10-100 startups"
               ├─3777496 "sshd: root [priv]"
               └─3777497 "sshd: root [net]"

  May 23 11:51:44 alces sshd[3771657]: ...
  Hint: Some lines were ellipsized, use -l to show in full.
  root@/etc/netplan# systemctl status ssh.socket
  ● ssh.socket - OpenBSD Secure Shell server socket
       Loaded: loaded (/lib/systemd/system/ssh.socket; enabled; preset: enabled)
      Drop-In: /etc/systemd/system/ssh.socket.d
               └─listen.conf
       Active: active (running) since Mon 2023-05-15 09:23:44 EDT; 1 week 1 day ago
        Until: Mon 2023-05-15 09:23:44 EDT; 1 week 1 day ago
     Triggers: ● ssh.service
       Listen: [::]:22 (Stream)
               [::]:7022 (Stream)
        Tasks: 0 (limit: 38046)
       Memory: 8.0K
          CPU: 569us
       CGroup: /system.slice/ssh.socket

  May 15 09:23:44 alces systemd[1]: ...
  Hint: Some lines were ellipsized, use -l to show in full.

  
  Finally, I found that /lib/systemd/system contains both ssh.service and
  ssh.socket configurations.
  ssh.service:
  [Unit]
  Description=OpenBSD Secure Shell server
  Documentation=man:sshd(8) man:sshd_config(5)
  After=network.target auditd.service
  ConditionPathExists=!/etc/ssh/sshd_not_to_be_run

  [Service]
  EnvironmentFile=-/etc/default/ssh
  ExecStartPre=/usr/sbin/sshd -t
  ExecStart=/usr/sbin/sshd -D $SSHD_OPTS
  ExecReload=/usr/sbin/sshd -t
  ExecReload=/bin/kill -HUP $MAINPID
  KillMode=process
  Restart=on-failure
  RestartPreventExitStatus=255
  Type=notify

  [Install]
  WantedBy=multi-user.target
  Alias=sshd.service

  ssh.socket:
  [Unit]
  Description=OpenBSD Secure Shell server socket
  Before=sockets.target
  ConditionPathExists=!/etc/ssh/sshd_not_to_be_run

  [Socket]
  ListenStream=22
  Accept=no

  [Install]
  WantedBy=sockets.target

  Finally, in /etc/systemd/system there is an ssh.service.d directory
  that contains the 00-socket.conf file that contains:

  [Unit]
  After=ssh.socket
  Requires=ssh.socket

  
  This is very confusing. I could disable ssh.service, but I am concerned
  that if I do this I will lose ssh connectivity to my headless server.
  What is the way out of this morass? It would be VERY helpful if there
  was a comprehensive guide to the current ssh configuration that explains
  what services to run, how to configure those services, and where the
  configuration files should reside.
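
An added example, not part of the bug report or of the openssh packaging: a small check that merges `ListenStream=` the way systemd does across ssh.socket and its drop-in, then compares the result with the `lsof` listeners. The inputs are constructed from the unit text and `lsof` lines quoted above; the function names are hypothetical.

```python
import re

# Constructed inputs: unit text and lsof lines copied from the report above.
BASE_SOCKET = "[Unit]\nBefore=sockets.target\n\n[Socket]\nListenStream=22\nAccept=no\n"
DROP_IN = "[Socket]\n#ListenStream=\nListenStream=7022\n"
LSOF = """\
systemd         1            root  454u  IPv6    25979      0t0  TCP *:22 (LISTEN)
cupsd     2258639            root    7u  IPv4 33526335      0t0  TCP 127.0.0.1:631 (LISTEN)
sshd      3698765            root    3u  IPv6    25979      0t0  TCP *:22 (LISTEN)
"""

def effective_listen_ports(*unit_texts):
    """Merge [Socket] ListenStream= over the unit file and its drop-ins, in order.

    systemd appends each assignment to a list; an empty assignment clears it.
    Assumes values are ports or address:port, as in the report (no AF_UNIX paths).
    """
    ports = []
    for text in unit_texts:
        section = None
        for raw in text.splitlines():
            line = raw.strip()
            if not line or line[0] in "#;":
                continue
            if line.startswith("[") and line.endswith("]"):
                section = line[1:-1]
                continue
            key, sep, value = line.partition("=")
            if section != "Socket" or not sep or key.strip() != "ListenStream":
                continue
            match = re.search(r"(\d+)$", value.strip())
            if not value.strip():
                ports = []  # "ListenStream=" resets everything set so far
            elif match:
                ports.append(int(match.group(1)))
    return ports

def bound_ports(lsof_text, commands=("systemd", "sshd")):
    """Ports in LISTEN state held by the given commands in `lsof -i -P -n` output."""
    found = set()
    for line in lsof_text.splitlines():
        fields = line.split()
        if len(fields) >= 10 and fields[-1] == "(LISTEN)" and fields[0] in commands:
            found.add(int(fields[-2].rsplit(":", 1)[-1]))
    return found

def missing_listeners(unit_texts, lsof_text):
    """Configured ports that none of the listed processes has actually bound."""
    return sorted(set(effective_listen_ports(*unit_texts)) - bound_ports(lsof_text))
```

`ListenStream=` is a setting of ssh.socket, so the listening sockets are bound by that unit and handed to ssh.service; a drop-in change to it reaches the bound sockets when ssh.socket itself is restarted.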
