NOTE: Even though this is listed as a low priority and an unusual configuration, the addition of /usr/lib/tmpfiles.d/sshd.conf and changing the RuntimeDirectory=sshd_service in the sshd.service file is a better solution that does not conflict with Upstream implementations.
-- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to openssh in Ubuntu. https://bugs.launchpad.net/bugs/1834128 Title: Multiple sshd services cannot be executed Status in openssh package in Ubuntu: New Bug description: OpenSSH 7.6p1 Ubuntu 18.04.2 (LTS) (Bionic) See also Ticket #1831765, #1690485, and #1832110 regarding the path of the privilege separation directory (aka: /run/sshd). The current Debian installer sets the RuntimeDirectory=sshd (i.e. /run/sshd) in sshd.service (i.e. /lib/systemd/system/sshd.service) and sshd@.service (i.e. /lib/systemd/system/sshd@.service). This is not the best means of implementing this service. The problem is that the systemd deletes the RuntimeDirectory resource as soon as the service is stopped. When this happens, other sshd services will fault since the privileged separation directory is no longer there. We need to modify the configuration as follows: 1) Create /usr/lib/tmpfiles.d/sshd.conf that defines the /run/sshd directory with root:root as the owner and the protection of 0755. 2) Change the assignment of the RuntimeDirectory in sshd.service to something other than sshd (i.e. /run/sshd). 3) Change the assignment of the RuntimeDirectory in sshd@.service to something other than sshd (i.e. /run/sshd). Both OpenSSH and Ubuntu have declined to provision a means of adjusting the Privilege Separation directory. Since both teams do not want to address this, we need to have a means of implementing multiple instance sshd invocation using systemd and avoiding using the RuntimeDirectory assignment of /run/sshd. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/openssh/+bug/1834128/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp