Package: openssh-server
Version: 1:7.9p1-10+deb10u1
Severity: important

Using RuntimeDirectory in ssh.service and ssh@.service creates the needed
directory /run/sshd, but there are issues in two cases:
1. Switching from ssh.socket to ssh.service while an ssh connection is open
   causes future logins to fail. Closing the existing ssh.socket connection
   lets systemd remove /run/sshd even though ssh.service is already running.
   Subsequent logins fail because sshd no longer has its runtime directory.
   This is especially bad because it locks an administrator out. Even testing
   logins before closing the last connection does not reveal the issue. SSH
   login works again once the directory is created manually or the host or
   service is restarted (the directory is recreated by ssh).

2. Testing the sshd configuration (using `sshd -t`) while neither ssh.service
   nor ssh@.service is running fails. It complains that the privilege
   separation directory /run/sshd does not exist.

I tried different things:

- Adding RuntimeDirectoryPreserve=yes to ssh@.service to ensure the directory
  is kept. This addresses case one, but `sshd -t` still fails until ssh.service
  is started or a connection has been established; otherwise systemd has not
  yet created the directory.
- Using tmpfiles.d to create the directory on system boot.

Combining both might work to create the directory in every case.

-- Demo case 1:

# systemctl status ssh.socket
   Active: active (listening)
# systemctl start ssh.service
# systemctl status ssh@0.service
   Active: active (running)
# logout
$ ssh sshbug
ssh_exchange_identification: read: Connection reset by peer
# systemctl status ssh@0.service
   Active: inactive (dead)
# systemctl status ssh
   Active: active (running)
   sshd[6641]: Server listening on :: port 22.
   systemd[1]: Started OpenBSD Secure Shell server.
   sshd[6654]: fatal: Missing privilege separation directory: /run/sshd

-- Demo case 2:

# systemctl start ssh.service
# systemctl status ssh
   Active: active (running)
# systemctl status ssh.socket
   Active: inactive (dead)
# sshd -t
# systemctl start ssh.socket
# systemctl status ssh.socket
   Active: active (listening)
# systemctl status ssh.service
   Active: inactive (dead)
# sshd -t
Missing privilege separation directory: /run/sshd

-- System Information:
Debian Release: 10.2
  APT prefers stable-updates
  APT policy: (500, 'stable-updates'), (500, 'stable')
Architecture: amd64 (x86_64)

Kernel: Linux 4.19.0-5-cloud-amd64 (SMP w/1 CPU core)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages openssh-server depends on:
ii  adduser                3.118
ii  debconf [debconf-2.0]  1.5.71
ii  dpkg                   1.19.7
ii  libaudit1              1:2.8.4-3
ii  libc6                  2.28-10
ii  libcom-err2            1.44.5-1+deb10u2
ii  libgssapi-krb5-2       1.17-3
ii  libkrb5-3              1.17-3
ii  libpam-modules         1.3.1-5
ii  libpam-runtime         1.3.1-5
ii  libpam0g               1.3.1-5
ii  libselinux1            2.8-1+b1
ii  libssl1.1              1.1.1d-0+deb10u2
ii  libsystemd0            241-7~deb10u2
ii  libwrap0               7.6.q-28
ii  lsb-base               10.2019051400
ii  openssh-client         1:7.9p1-10+deb10u1
ii  openssh-sftp-server    1:7.9p1-10+deb10u1
ii  procps                 2:3.3.15-2
ii  ucf                    3.0038+nmu1
ii  zlib1g                 1:1.2.11.dfsg-1

Versions of packages openssh-server recommends:
ii  libpam-systemd [logind]  241-7~deb10u2
pn  ncurses-term             <none>
pn  xauth                    <none>

Versions of packages openssh-server suggests:
pn  molly-guard   <none>
pn  monkeysphere  <none>
pn  rssh          <none>
pn  ssh-askpass   <none>
pn  ufw           <none>

-- debconf information:
  openssh-server/permit-root-login: true
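Added example (my own, not from the report or the Debian package): a POSIX shell helper that installs the two workarounds the report proposes combining, a tmpfiles.d entry that creates /run/sshd at boot and a RuntimeDirectoryPreserve=yes drop-in for ssh@.service so the directory survives the last socket-activated instance exiting. The file names sshd.conf and runtime-dir.conf and the --apply flag are my choices; the prefix argument lets the install be dry-run into a scratch directory.

```shell
#!/bin/sh
# Added example, not part of the bug report or of Debian's openssh-server.
# Assumption: unit names ssh.service / ssh@.service as in the report.
set -eu

# tmpfiles.d entry: /run/sshd is created at boot (and by
# `systemd-tmpfiles --create`) whether or not either sshd unit has started,
# so `sshd -t` finds its privilege separation directory (case 2).
tmpfiles_conf() {
    printf 'd /run/sshd 0755 root root -\n'
}

# Drop-in for the socket-activated instances: systemd keeps the
# RuntimeDirectory when the last ssh@N.service stops, so a running
# ssh.service is not left without /run/sshd (case 1).
preserve_dropin() {
    printf '[Service]\nRuntimeDirectoryPreserve=yes\n'
}

# Write both fragments below an optional root prefix ("" = live system).
install_workarounds() {
    prefix="${1:-}"
    install -d "$prefix/etc/tmpfiles.d" \
               "$prefix/etc/systemd/system/ssh@.service.d"
    tmpfiles_conf   > "$prefix/etc/tmpfiles.d/sshd.conf"
    preserve_dropin > "$prefix/etc/systemd/system/ssh@.service.d/runtime-dir.conf"
}

# Live apply: create the directory now and confirm `sshd -t` passes
# before closing the current session (so nobody gets locked out).
if [ "${1:-}" = "--apply" ]; then
    install_workarounds ""
    systemd-tmpfiles --create /etc/tmpfiles.d/sshd.conf
    systemctl daemon-reload
    test -d /run/sshd && sshd -t && echo "/run/sshd present, sshd -t OK"
fi
```

Run with `--apply` as root on the affected host; without arguments it only defines the functions.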