debcrafters-packages team mailing list archive
-
debcrafters-packages team
-
Mailing list archive
-
Message #07097
[Bug 2122601] Re: ssh access on port 22 inhibited
Sorry, I was trying to offer the most direct solution, but here is more
detail.
First - unless you have a configuration for the socket that is more
complicated than what can be achieved with the Port, ListenAddress, and
AddressFamily options in sshd_config[1], then I strongly recommend using
e.g. /etc/ssh/sshd_config.d/custom.conf for your port configuration
instead of using ssh.socket overrides.
Second - if you want your /etc/system/systemd/ssh.socket.d/override.conf
to work, you need to specify the address family explicitly, *or*
override the value of BindIPv6Only=ipv6-only [2], too. For a more
detailed explanation, please see bug 2118912 [3].
In other words, because your override is:
# /etc/systemd/system/ssh.socket.d/override.conf
[Socket]
ListenStream=
ListenStream=22
rather than:
# /etc/systemd/system/ssh.socket.d/override.conf
[Socket]
ListenStream=
ListenStream=0.0.0.0:22
ListenStream=[::]:22
or:
# /etc/systemd/system/ssh.socket.d/override.conf
[Socket]
ListenStream=
ListenStream=22
BindIPv6Only=both
you are actually overriding the default ssh.socket unit in a way that
says "only listen on port 22 via IPv6, not IPv4".
Hence, I hope it is clear why I recommend simply using
/etc/ssh/sshd_config.d/custom.conf.
[1] https://manpages.ubuntu.com/manpages/noble/en/man5/sshd_config.5.html
[2] https://www.freedesktop.org/software/systemd/man/latest/systemd.socket.html#BindIPv6Only=
[3] https://bugs.launchpad.net/ubuntu/+source/openssh/+bug/2118912
--
You received this bug notification because you are a member of
Debcrafters packages, which is subscribed to openssh in Ubuntu.
https://bugs.launchpad.net/bugs/2122601
Title:
ssh access on port 22 inhibited
Status in openssh package in Ubuntu:
Incomplete
Bug description:
Ubuntu 24.04.3 LTS
ssh:
Installed: (none)
Candidate: 1:9.6p1-3ubuntu13.13
Version table:
1:9.6p1-3ubuntu13.13 500
500 http://de.archive.ubuntu.com/ubuntu noble-updates/main amd64 Packages
1:9.6p1-3ubuntu13.11 500
500 http://security.ubuntu.com/ubuntu noble-security/main amd64 Packages
1:9.6p1-3ubuntu13 500
500 http://de.archive.ubuntu.com/ubuntu noble/main amd64 Packages
I had changed the ssh port thru /etc/systemd/system/ssh.socket.d/override.conf:
[Socket]
ListenStream =
ListenStream = 24427
The team requested to have that returned to the default port 22. So I
changed the file to
[Socket]
ListenStream =
ListenStream = 22
With a recent update I could no longer ssh into the machine. Two solutions:
1. Use sshd instead of ssh.socket
2. Remove or rename the above control file so that it is not read.
I.e. having port 22 defined in the controlfile breaks access.
Annoying. A fix will be highly appreciated.
Others ran into the same issue:
https://blog.dummzeuch.de/2025/09/09/troubleshooting-a-ssh-socket-
problem/
ProblemType: Bug
DistroRelease: Ubuntu 24.04
Package: ubuntu-release-upgrader-core 1:24.04.27
ProcVersionSignature: Ubuntu 6.8.0-79.79-generic 6.8.12
Uname: Linux 6.8.0-79-generic x86_64
ApportVersion: 2.28.1-0ubuntu3.8
Architecture: amd64
CasperMD5CheckResult: pass
CrashDB: ubuntu
CrashReports: 600:0:0:277414:2025-09-03 13:34:44.691428521 +0000:2025-09-03 13:34:44.676428638 +0000:/var/crash/qant-native-computing-toolkit.0.crash
Date: Thu Sep 11 14:25:32 2025
InstallationDate: Installed on 2025-04-17 (147 days ago)
InstallationMedia: Ubuntu-Server 24.04.2 LTS "Noble Numbat" - Release amd64 (20250216.2)
PackageArchitecture: all
ProcEnviron:
LANG=en_US.UTF-8
PATH=(custom, no user)
SHELL=/bin/bash
TERM=linux
SourcePackage: ubuntu-release-upgrader
Symptom: release-upgrade
UpgradeStatus: No upgrade log present (probably fresh install)
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/openssh/+bug/2122601/+subscriptions
