Public bug reported:

OpenSSH 7.6p1
Ubuntu 18.04.2 (LTS) (Bionic)

See also Tickets #1831765, #1690485, and #1832110 regarding the path of
the privilege separation directory (aka: /run/sshd).

The current Debian installer sets the RuntimeDirectory=sshd (i.e.
/run/sshd) in sshd.service (i.e. /lib/systemd/system/sshd.service) and
sshd@.service (i.e. /lib/systemd/system/sshd@.service). This is not the
best means of implementing this service. The problem is that systemd
deletes the RuntimeDirectory resource as soon as the service is stopped.
When this happens, other sshd services will fault since the privilege
separation directory is no longer there. We need to modify the
configuration as follows:

1) Create /usr/lib/tmpfiles.d/sshd.conf that defines the /run/sshd directory
   with root:root as the owner and the protection of 0755.
2) Change the assignment of the RuntimeDirectory in sshd.service to something
   other than sshd (i.e. /run/sshd).
3) Change the assignment of the RuntimeDirectory in sshd@.service to something
   other than sshd (i.e. /run/sshd).

Both OpenSSH and Ubuntu have declined to provision a means of adjusting
the Privilege Separation directory. Since both teams do not want to
address this, we need to have a means of implementing multiple instance
sshd invocation using systemd and avoiding using the RuntimeDirectory
assignment of /run/sshd.

** Affects: openssh (Ubuntu)
     Importance: Undecided
         Status: New

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1834128

Title:
  Multiple sshd services cannot be executed

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
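
Added example, not part of the original report and not Debian's or Ubuntu's packaging: a sketch of the three steps above, run against constructed unit files in a scratch directory. It flags RuntimeDirectory names claimed by more than one unit, writes the tmpfiles.d entry for /run/sshd, and renames each unit's RuntimeDirectory. The replacement names sshd-main and sshd-conn and the function names are hypothetical.

```shell
#!/bin/sh
# Added example: works on constructed unit files in a scratch directory;
# nothing under /lib/systemd, /usr/lib/tmpfiles.d or /run is touched.

# Print every RuntimeDirectory name claimed by more than one unit in directory $1.
# systemd removes a RuntimeDirectory when its unit stops, so a shared name
# disappears for the units that are still running.
shared_runtime_dirs() {
    grep -h '^RuntimeDirectory=' "$1"/*.service 2>/dev/null |
        cut -d= -f2 | tr ' ' '\n' | sed '/^$/d' | sort | uniq -d
}

# Step 1: tmpfiles.d entry so /run/sshd exists independently of any unit.
# $1 is the directory that stands in for /usr/lib/tmpfiles.d.
write_tmpfiles_conf() {
    printf 'd /run/sshd 0755 root root -\n' > "$1/sshd.conf"
}

# Steps 2 and 3: give unit file $1 its own runtime directory name $2
# (the name is a hypothetical choice, anything other than "sshd").
set_runtime_dir() {
    sed "s|^RuntimeDirectory=.*|RuntimeDirectory=$2|" "$1" > "$1.new" &&
        mv "$1.new" "$1"
}

demo() {
    d=$(mktemp -d) || return 1
    # Constructed stand-ins for the two units named in the report.
    printf '[Service]\nRuntimeDirectory=sshd\n' > "$d/sshd.service"
    printf '[Service]\nRuntimeDirectory=sshd\n' > "$d/sshd@.service"
    before=$(shared_runtime_dirs "$d")
    write_tmpfiles_conf "$d"
    set_runtime_dir "$d/sshd.service" sshd-main
    set_runtime_dir "$d/sshd@.service" sshd-conn
    after=$(shared_runtime_dirs "$d")
    printf 'shared before: %s\nshared after: %s\n' "${before:-none}" "${after:-none}"
    cat "$d/sshd.conf"
    rm -rf "$d"
}

demo
```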