Re: [Discuss] new ssh error
Is this related to the SSH CVE that is blowing up the internet right now? > After an 'apt upgrade' of openssh I am getting an unnerving error: > >> root@la:/home/kentborg# dpkg-reconfigure openssh-server >> rescue-ssh.target is a disabled or a static unit not running, not >> starting it. >> ssh.socket is a disabled or a static unit not running, not starting it. > > I don't see anything useful in web searches. > > I can currently ssh in, but I am worried I won't be able to after a > reboot. (Plus whatever else might be wrong.) > > > Suggestions? > > Thanks, > > -kb > > > P.S. Can I blame systemd or xz?? > > ___ > Discuss mailing list > Discuss@driftwood.blu.org > https://driftwood.blu.org/mailman/listinfo/discuss > ___ Discuss mailing list Discuss@driftwood.blu.org https://driftwood.blu.org/mailman/listinfo/discuss
Re: [Discuss] new ssh error
On Tue, 2 Jul 2024 08:42:05 -0400 ma...@mohawksoft.com wrote: > Is this related to the SSH CVE that is blowing up the internet right > now? Yes, inasmuch as "everyone" pushed out a fix for a recently discovered regression bug. And yes, you should restart after updating to ensure that the fixed sshd is running. https://blog.qualys.com/vulnerabilities-threat-research/2024/07/01/regresshion-remote-unauthenticated-code-execution-vulnerability-in-openssh-server -- \m/ (--) \m/ ___ Discuss mailing list Discuss@driftwood.blu.org https://driftwood.blu.org/mailman/listinfo/discuss
Re: [Discuss] new ssh error
On 7/2/24 05:42, ma...@mohawksoft.com wrote: Is this related to the SSH CVE that is blowing up the internet right now? That is certainly why the update is out there. (Nasty bug!) But it looks like there are no exploits in the wild, yet. One machine that would be truly nasty if sshd quit running I just updated today, and no error message. (That machine is not critical, but is remote.) I'm seeing this error on two machines, so I suspect others will have the error, too, I'll keep doing web searches for it. No, I have not restarted one machine where (1) I do ssh logins and (2) I am seeing this error. It would be a pain in the arse if sshd didn't restart on reboot. I am (foolishly, I'm sure) content to restart sshd itself. I know there is a "reboot, always reboot, don't be a fool you gotta reboot"-crowd, but I'm not going to do that. Not yet. At minimum I will do some experimenting on my laptop first. It has the error and I don't login to it via ssh, in fact I don't have sshd set to start at all. I should set it to start, reboot, see whether it does. But I haven't done that yet. Thanks, -kb ___ Discuss mailing list Discuss@driftwood.blu.org https://driftwood.blu.org/mailman/listinfo/discuss
Re: [Discuss] new ssh error
On Mon, 1 Jul 2024 13:53:17 -0700 Kent Borg wrote: > After an 'apt upgrade' of openssh I am getting an unnerving error: > > > root@la:/home/kentborg# dpkg-reconfigure openssh-server > > rescue-ssh.target is a disabled or a static unit not running, not > > starting it. > > ssh.socket is a disabled or a static unit not running, not starting > > it. > > I don't see anything useful in web searches. TL;DR: these are notices, not errors. socket units are, well, socket units. They're systemd's version of (x)inetd.conf. A static unit is a unit that lacks an install section. This is not a bug: many units don't need to auto-start at boot time. They are triggered by other events. -- \m/ (--) \m/ ___ Discuss mailing list Discuss@driftwood.blu.org https://driftwood.blu.org/mailman/listinfo/discuss
Re: [Discuss] new ssh error
On 7/2/24 13:24, Rich Pieri wrote: TL;DR: these are notices, not errors. socket units are, well, socket units. They're systemd's version of (x)inetd.conf. Yes, I looked at "ssh.socket" is and indeed it did look very inetd-like. Which is what worried me! If sshd isn't going to start until some ssh.socket something tells it to, and if that is disabled… Looking back through my notes I see *lots* of times I recorded that I upgraded openssh-server, yet I don't ever before remember seeing a "notice" that looked so unnervingly error-like. The fact that this is the first time openssh-server has had an upgrade since my Debian 11 -> 12 upgrade might be its cause, but that doesn't make it an explanation. A static unit is a unit that lacks an install section. This is not a bug: many units don't need to auto-start at boot time. They are triggered by other events. If some inetd-like mechanism isn't going to start sshd, and there isn't a "static unit" to "auto-start" to do it either, what a frightening pair of "notices". -kb ___ Discuss mailing list Discuss@driftwood.blu.org https://driftwood.blu.org/mailman/listinfo/discuss
