[Bug 2069041] Re: Changing Port in sshd_config requires calling systemctl daemon-reload
This bug was fixed in the package openssh - 1:9.6p1-3ubuntu13.12 --- openssh (1:9.6p1-3ubuntu13.12) noble; urgency=medium * d/p/sshd-socket-generator.patch: add note to sshd_config Explain that a systemctl daemon-reload is needed for changes to Port et al to take effect. (LP: #2069041) -- Nick Rosbrook Tue, 29 Apr 2025 10:57:04 -0400 ** Changed in: openssh (Ubuntu Noble) Status: Fix Committed => Fix Released -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2069041 Title: Changing Port in sshd_config requires calling systemctl daemon-reload To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/openssh/+bug/2069041/+subscriptions -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2069041] Re: Changing Port in sshd_config requires calling systemctl daemon-reload
Verification for part 2 of the test plan: root@n:~# apt policy openssh-server openssh-server: Installed: 1:9.6p1-3ubuntu13.12 Candidate: 1:9.6p1-3ubuntu13.12 Version table: *** 1:9.6p1-3ubuntu13.12 100 100 /var/lib/dpkg/status 1:9.6p1-3ubuntu13.11 500 500 http://archive.ubuntu.com/ubuntu noble-updates/main amd64 Packages 500 http://security.ubuntu.com/ubuntu noble-security/main amd64 Packages 1:9.6p1-3ubuntu13 500 500 http://archive.ubuntu.com/ubuntu noble/main amd64 Packages root@n:~# sed -i 's/Prompt=lts/Prompt=normal/g' /etc/update-manager/release-upgrades root@n:~# do-release-upgrade Checking for a new Ubuntu release = Welcome to Ubuntu 24.10 'Oracular Oriole' = The Ubuntu team is proud to announce Ubuntu 24.10 'Oracular Oriole'. To see what's new in this release, visit: https://wiki.ubuntu.com/OracularOriole/ReleaseNotes Ubuntu is a Linux distribution for your desktop or server, with a fast and easy install, regular releases, a tight selection of excellent applications installed by default, and almost any other software you can imagine available through the network. We hope you enjoy Ubuntu. == Feedback and Helping == If you would like to help shape Ubuntu, take a look at the list of ways you can participate at http://www.ubuntu.com/community/participate/ Your comments, bug reports, patches and suggestions will help ensure that our next release is the best release of Ubuntu ever. If you feel that you have found a bug please read: http://help.ubuntu.com/community/ReportingBugs Then report bugs using apport in Ubuntu. For example: ubuntu-bug linux will open a bug report in Launchpad regarding the linux package. If you have a question, or if you think you may have found a bug but aren't sure, first try asking on the #ubuntu or #ubuntu-bugs IRC channels on Libera.Chat, on the Ubuntu Users mailing list, or on the Ubuntu forums: http://help.ubuntu.com/community/InternetRelayChat http://lists.ubuntu.com/mailman/listinfo/ubuntu-users http://www.ubuntuforums.org/ == More Information == You can find out more about Ubuntu on our website, IRC channel and wiki. If you're new to Ubuntu, please visit: http://www.ubuntu.com/ To sign up for future Ubuntu announcements, please subscribe to Ubuntu's very low volume announcement list at: http://lists.ubuntu.com/mailman/listinfo/ubuntu-announce Continue [yN] y Get:1 Upgrade tool signature [833 B] Get:2 Upgrade tool [1049 kB] Fetched 1050 kB in 0s (0 B/s) /usr/lib/python3/dist-packages/DistUpgrade/DistUpgradeFetcherCore.py:237: Warning: W:Download is performed unsandboxed as root as file 'oracular.tar.gz.gpg' couldn't be accessed by user '_apt'. - pkgAcquire::Run (13: Permission denied) result = fetcher.run() authenticate 'oracular.tar.gz' against 'oracular.tar.gz.gpg' extracting 'oracular.tar.gz' [screen is terminating] root@n:~# cat /etc/os-release PRETTY_NAME="Ubuntu 24.10" NAME="Ubuntu" VERSION_ID="24.10" VERSION="24.10 (Oracular Oriole)" VERSION_CODENAME=oracular ID=ubuntu ID_LIKE=debian HOME_URL="https://www.ubuntu.com/"; SUPPORT_URL="https://help.ubuntu.com/"; BUG_REPORT_URL="https://bugs.launchpad.net/ubuntu/"; PRIVACY_POLICY_URL="https://www.ubuntu.com/legal/terms-and-policies/privacy-policy"; UBUNTU_CODENAME=oracular LOGO=ubuntu-logo root@n:~# apt policy openssh-server openssh-server: Installed: 1:9.7p1-7ubuntu4.3 Candidate: 1:9.7p1-7ubuntu4.3 Version table: *** 1:9.7p1-7ubuntu4.3 500 500 http://archive.ubuntu.com/ubuntu oracular-updates/main amd64 Packages 500 http://security.ubuntu.com/ubuntu oracular-security/main amd64 Packages 100 /var/lib/dpkg/status 1:9.7p1-7ubuntu4 500 500 http://archive.ubuntu.com/ubuntu oracular/main amd64 Packages There were no debconf prompts or other issues relating to the upgrade of openssh-server. ** Tags removed: verification-needed verification-needed-noble ** Tags added: verification-done verification-done-noble -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2069041 Title: Changing Port in sshd_config requires calling systemctl daemon-reload To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/openssh/+bug/2069041/+subscriptions -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2069041] Re: Changing Port in sshd_config requires calling systemctl daemon-reload
Verification for part 1 of the test plan: root@n:~# apt policy openssh-server openssh-server: Installed: 1:9.6p1-3ubuntu13.12 Candidate: 1:9.6p1-3ubuntu13.12 Version table: *** 1:9.6p1-3ubuntu13.12 100 100 http://archive.ubuntu.com/ubuntu noble-proposed/main amd64 Packages 100 /var/lib/dpkg/status 1:9.6p1-3ubuntu13.11 500 500 http://archive.ubuntu.com/ubuntu noble-updates/main amd64 Packages 500 http://security.ubuntu.com/ubuntu noble-security/main amd64 Packages 1:9.6p1-3ubuntu13 500 500 http://archive.ubuntu.com/ubuntu noble/main amd64 Packages root@n:~# head -n 30 /etc/ssh/sshd_config # This is the sshd server system-wide configuration file. See # sshd_config(5) for more information. # This sshd was compiled with PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/games # The strategy used for options in the default sshd_config shipped with # OpenSSH is to specify options with their default value where # possible, but leave them commented. Uncommented options override the # default value. Include /etc/ssh/sshd_config.d/*.conf # When systemd socket activation is used (the default), the socket # configuration must be re-generated after changing Port, AddressFamily, or # ListenAddress. # # For changes to take effect, run: # # systemctl daemon-reload # systemctl restart ssh.socket # #Port 22 #AddressFamily any #ListenAddress 0.0.0.0 #ListenAddress :: #HostKey /etc/ssh/ssh_host_rsa_key #HostKey /etc/ssh/ssh_host_ecdsa_key #HostKey /etc/ssh/ssh_host_ed25519_key -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2069041 Title: Changing Port in sshd_config requires calling systemctl daemon-reload To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/openssh/+bug/2069041/+subscriptions -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2069041] Re: Changing Port in sshd_config requires calling systemctl daemon-reload
Not really worth an SRU on its own, but this was previously part of a bigger SRU that regressed, and we haven’t found the reason for that regression. After some discussion, we agreed to retry those fixes one by one, in independent SRUs, so let’s just do this one as part of that. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2069041 Title: Changing Port in sshd_config requires calling systemctl daemon-reload To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/openssh/+bug/2069041/+subscriptions -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2069041] Re: Changing Port in sshd_config requires calling systemctl daemon-reload
Hello teutat3s, or anyone else affected, Accepted openssh into noble-proposed. The package will build now and be available at https://launchpad.net/ubuntu/+source/openssh/1:9.6p1-3ubuntu13.12 in a few hours, and then in the -proposed repository. Please help us by testing this new package. See https://wiki.ubuntu.com/Testing/EnableProposed for documentation on how to enable and use -proposed. Your feedback will aid us getting this update out to other Ubuntu users. If this package fixes the bug for you, please add a comment to this bug, mentioning the version of the package you tested, what testing has been performed on the package and change the tag from verification-needed- noble to verification-done-noble. If it does not fix the bug for you, please add a comment stating that, and change the tag to verification- failed-noble. In either case, without details of your testing we will not be able to proceed. Further information regarding the verification process can be found at https://wiki.ubuntu.com/QATeam/PerformingSRUVerification . Thank you in advance for helping! N.B. The updated package will be released to -updates after the bug(s) fixed by this package have been verified and the package has been in -proposed for a minimum of 7 days. ** Changed in: openssh (Ubuntu Noble) Status: Confirmed => Fix Committed ** Tags added: verification-needed verification-needed-noble -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2069041 Title: Changing Port in sshd_config requires calling systemctl daemon-reload To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/openssh/+bug/2069041/+subscriptions -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2069041] Re: Changing Port in sshd_config requires calling systemctl daemon-reload
The changes in noble's 13.6 and 13.7 were reverted, and this bug is open again. Removing the block-proposed-noble tag. ** Tags removed: block-proposed-noble noble verification-done verification-done-noble ** Changed in: openssh (Ubuntu Noble) Status: Fix Committed => Confirmed -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2069041 Title: Changing Port in sshd_config requires calling systemctl daemon-reload To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/openssh/+bug/2069041/+subscriptions -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2069041] Re: Changing Port in sshd_config requires calling systemctl daemon-reload
Adding block-proposed-noble to avoid accidental release while the regression in https://bugs.launchpad.net/ubuntu/+source/openssh/+bug/2087551 is investigated. ** Tags added: block-proposed-noble -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2069041 Title: Changing Port in sshd_config requires calling systemctl daemon-reload To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/openssh/+bug/2069041/+subscriptions -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2069041] Re: Changing Port in sshd_config requires calling systemctl daemon-reload
1:9.6p1-3ubuntu13.7 was moved back to noble-proposed due to a possible regression[1] that is being investigated. Setting the bug tasks back to fix committed. 1:9.6p1-3ubuntu13.5 was restored in noble-updates. 1. https://bugs.launchpad.net/ubuntu/+source/openssh/+bug/2087551 ** Changed in: openssh (Ubuntu Noble) Status: Fix Released => Fix Committed -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2069041 Title: Changing Port in sshd_config requires calling systemctl daemon-reload To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/openssh/+bug/2069041/+subscriptions -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2069041] Re: Changing Port in sshd_config requires calling systemctl daemon-reload
This bug was fixed in the package openssh - 1:9.6p1-3ubuntu13.7 --- openssh (1:9.6p1-3ubuntu13.7) noble; urgency=medium * d/t/sshd-socket-generator: run test_match_on_port test The test case was added to verify the fix for LP: 2076023, but it is not actually executed at the moment. Now that it does run, fix the grep commands used. openssh (1:9.6p1-3ubuntu13.6) noble; urgency=medium * Explicitly listen on IPv4 by default, with socket-activated sshd (LP: #2080216) - d/systemd/ssh.socket: explicitly listen on ipv4 by default - d/t/sshd-socket-generator: update for new defaults and AddressFamily - sshd-socket-generator: handle new ssh.socket default settings * sshd-socket-generator: do not parse server match config (LP: #2076023) * d/p/systemd-socket-activation.patch: don't clear rexec_flag (LP: #2071815) * d/p/sshd-socket-generator.patch: add note to sshd_config Explain that a systemctl daemon-reload is needed for changes to Port et al to take effect. (LP: #2069041) * debian/openssh-server.ucf-md5sum: add new checksums for sshd_config -- Nick Rosbrook Wed, 23 Oct 2024 14:19:51 -0400 ** Changed in: openssh (Ubuntu Noble) Status: Fix Committed => Fix Released -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2069041 Title: Changing Port in sshd_config requires calling systemctl daemon-reload To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/openssh/+bug/2069041/+subscriptions -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2069041] Re: Changing Port in sshd_config requires calling systemctl daemon-reload
The latest upload was restricted to a fix in d/t/sshd-socket-generator, so my previous verification stands. ** Tags removed: verification-needed verification-needed-noble ** Tags added: verification-done verification-done-noble -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2069041 Title: Changing Port in sshd_config requires calling systemctl daemon-reload To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/openssh/+bug/2069041/+subscriptions -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2069041] Re: Changing Port in sshd_config requires calling systemctl daemon-reload
Hello teutat3s, or anyone else affected, Accepted openssh into noble-proposed. The package will build now and be available at https://launchpad.net/ubuntu/+source/openssh/1:9.6p1-3ubuntu13.7 in a few hours, and then in the -proposed repository. Please help us by testing this new package. See https://wiki.ubuntu.com/Testing/EnableProposed for documentation on how to enable and use -proposed. Your feedback will aid us getting this update out to other Ubuntu users. If this package fixes the bug for you, please add a comment to this bug, mentioning the version of the package you tested, what testing has been performed on the package and change the tag from verification-needed- noble to verification-done-noble. If it does not fix the bug for you, please add a comment stating that, and change the tag to verification- failed-noble. In either case, without details of your testing we will not be able to proceed. Further information regarding the verification process can be found at https://wiki.ubuntu.com/QATeam/PerformingSRUVerification . Thank you in advance for helping! N.B. The updated package will be released to -updates after the bug(s) fixed by this package have been verified and the package has been in -proposed for a minimum of 7 days. ** Tags removed: verification-done verification-done-noble ** Tags added: verification-needed verification-needed-noble -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2069041 Title: Changing Port in sshd_config requires calling systemctl daemon-reload To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/openssh/+bug/2069041/+subscriptions -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2069041] Re: Changing Port in sshd_config requires calling systemctl daemon-reload
I have verified this fix using openssh-server 1:9.6p1-3ubuntu13.6 from noble-proposed. First, I installed openssh-server from noble-proposed and checked that the comment was present in /etc/ssh/sshd_config: nr@six:~$ lxc launch ubuntu:noble noble Launching noble nr@six:~$ lxc exec noble bash root@noble:~# cat > /etc/apt/sources.list.d/proposed.sources << EOF > Types: deb > URIs: http://us.archive.ubuntu.com/ubuntu/ > Suites: noble-proposed > Components: main universe > Signed-By: /usr/share/keyrings/ubuntu-archive-keyring.gpg > EOF root@noble:~# apt update Hit:1 http://archive.ubuntu.com/ubuntu noble InRelease Get:2 http://us.archive.ubuntu.com/ubuntu noble-proposed InRelease [265 kB] Get:3 http://archive.ubuntu.com/ubuntu noble-updates InRelease [126 kB] Get:4 http://archive.ubuntu.com/ubuntu noble-backports InRelease [126 kB] Get:5 http://archive.ubuntu.com/ubuntu noble/universe amd64 Packages [15.0 MB] Get:6 http://us.archive.ubuntu.com/ubuntu noble-proposed/main amd64 Packages [180 kB] Get:7 http://us.archive.ubuntu.com/ubuntu noble-proposed/main Translation-en [48.6 kB] Get:8 http://us.archive.ubuntu.com/ubuntu noble-proposed/main amd64 Components [22.0 kB] Get:9 http://us.archive.ubuntu.com/ubuntu noble-proposed/main amd64 c-n-f Metadata [3556 B] Get:10 http://us.archive.ubuntu.com/ubuntu noble-proposed/universe amd64 Packages [650 kB] Get:11 http://us.archive.ubuntu.com/ubuntu noble-proposed/universe Translation-en [79.1 kB] Get:12 http://us.archive.ubuntu.com/ubuntu noble-proposed/universe amd64 Components [68.0 kB] Get:13 http://us.archive.ubuntu.com/ubuntu noble-proposed/universe amd64 c-n-f Metadata [10.7 kB] Get:14 http://security.ubuntu.com/ubuntu noble-security InRelease [126 kB] Get:15 http://security.ubuntu.com/ubuntu noble-security/main amd64 Packages [433 kB] Get:16 http://archive.ubuntu.com/ubuntu noble/universe Translation-en [5982 kB] Get:17 http://security.ubuntu.com/ubuntu noble-security/main Translation-en [93.2 kB] Get:18 http://security.ubuntu.com/ubuntu noble-security/main amd64 Components [7152 B] Get:19 http://security.ubuntu.com/ubuntu noble-security/main amd64 c-n-f Metadata [5816 B] Get:20 http://security.ubuntu.com/ubuntu noble-security/universe amd64 Packages [555 kB] Get:21 http://archive.ubuntu.com/ubuntu noble/universe amd64 Components [3871 kB] Get:22 http://security.ubuntu.com/ubuntu noble-security/universe Translation-en [148 kB] Get:23 http://security.ubuntu.com/ubuntu noble-security/universe amd64 Components [51.9 kB] Get:24 http://security.ubuntu.com/ubuntu noble-security/universe amd64 c-n-f Metadata [13.5 kB] Get:25 http://security.ubuntu.com/ubuntu noble-security/restricted amd64 Packages [388 kB] Get:26 http://archive.ubuntu.com/ubuntu noble/universe amd64 c-n-f Metadata [301 kB] Get:27 http://archive.ubuntu.com/ubuntu noble/multiverse amd64 Packages [269 kB] Get:28 http://archive.ubuntu.com/ubuntu noble/multiverse Translation-en [118 kB] Get:29 http://archive.ubuntu.com/ubuntu noble/multiverse amd64 Components [35.0 kB] Get:30 http://archive.ubuntu.com/ubuntu noble/multiverse amd64 c-n-f Metadata [8328 B] Get:31 http://archive.ubuntu.com/ubuntu noble-updates/main amd64 Packages [599 kB] Get:32 http://security.ubuntu.com/ubuntu noble-security/restricted Translation-en [74.8 kB] Get:33 http://security.ubuntu.com/ubuntu noble-security/restricted amd64 Components [212 B] Get:34 http://security.ubuntu.com/ubuntu noble-security/multiverse amd64 Packages [10.9 kB] Get:35 http://security.ubuntu.com/ubuntu noble-security/multiverse Translation-en [2808 B] Get:36 http://archive.ubuntu.com/ubuntu noble-updates/main Translation-en [146 kB] Get:37 http://archive.ubuntu.com/ubuntu noble-updates/main amd64 Components [114 kB] Get:38 http://archive.ubuntu.com/ubuntu noble-updates/main amd64 c-n-f Metadata [10.2 kB] Get:39 http://archive.ubuntu.com/ubuntu noble-updates/universe amd64 Packages [707 kB] Get:40 http://archive.ubuntu.com/ubuntu noble-updates/universe Translation-en [210 kB] Get:41 http://archive.ubuntu.com/ubuntu noble-updates/universe amd64 Components [305 kB] Get:42 http://archive.ubuntu.com/ubuntu noble-updates/universe amd64 c-n-f Metadata [19.8 kB] Get:43 http://archive.ubuntu.com/ubuntu noble-updates/restricted amd64 Packages [388 kB] Get:44 http://archive.ubuntu.com/
[Bug 2069041] Re: Changing Port in sshd_config requires calling systemctl daemon-reload
Hello teutat3s, or anyone else affected, Accepted openssh into noble-proposed. The package will build now and be available at https://launchpad.net/ubuntu/+source/openssh/1:9.6p1-3ubuntu13.6 in a few hours, and then in the -proposed repository. Please help us by testing this new package. See https://wiki.ubuntu.com/Testing/EnableProposed for documentation on how to enable and use -proposed. Your feedback will aid us getting this update out to other Ubuntu users. If this package fixes the bug for you, please add a comment to this bug, mentioning the version of the package you tested, what testing has been performed on the package and change the tag from verification-needed- noble to verification-done-noble. If it does not fix the bug for you, please add a comment stating that, and change the tag to verification- failed-noble. In either case, without details of your testing we will not be able to proceed. Further information regarding the verification process can be found at https://wiki.ubuntu.com/QATeam/PerformingSRUVerification . Thank you in advance for helping! N.B. The updated package will be released to -updates after the bug(s) fixed by this package have been verified and the package has been in -proposed for a minimum of 7 days. ** Changed in: openssh (Ubuntu Noble) Status: In Progress => Fix Committed ** Tags added: verification-needed verification-needed-noble -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2069041 Title: Changing Port in sshd_config requires calling systemctl daemon-reload To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/openssh/+bug/2069041/+subscriptions -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2069041] Re: Changing Port in sshd_config requires calling systemctl daemon-reload
** Changed in: openssh (Ubuntu Noble) Status: Triaged => In Progress -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2069041 Title: Changing Port in sshd_config requires calling systemctl daemon-reload To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/openssh/+bug/2069041/+subscriptions -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2069041] Re: Changing Port in sshd_config requires calling systemctl daemon-reload
** Changed in: openssh (Ubuntu Noble) Status: In Progress => Triaged -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2069041 Title: Changing Port in sshd_config requires calling systemctl daemon-reload To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/openssh/+bug/2069041/+subscriptions -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2069041] Re: Changing Port in sshd_config requires calling systemctl daemon-reload
** Tags added: noble -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2069041 Title: Changing Port in sshd_config requires calling systemctl daemon-reload To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/openssh/+bug/2069041/+subscriptions -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2069041] Re: Changing Port in sshd_config requires calling systemctl daemon-reload
This bug was fixed in the package openssh - 1:9.6p1-3ubuntu14 --- openssh (1:9.6p1-3ubuntu14) oracular; urgency=medium * d/p/sshd-socket-generator.patch: add note to sshd_config Explain that a systemctl daemon-reload is needed for changes to Port et al to take effect. (LP: #2069041) * debian/openssh-server.ucf-md5sum: add new checksums for sshd_config -- Nick Rosbrook Tue, 18 Jun 2024 13:31:47 -0400 ** Changed in: openssh (Ubuntu) Status: Fix Committed => Fix Released -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2069041 Title: Changing Port in sshd_config requires calling systemctl daemon-reload To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/openssh/+bug/2069041/+subscriptions -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2069041] Re: Changing Port in sshd_config requires calling systemctl daemon-reload
> Please add to the Test Plan to verify that there are no conffile prompts in the at-risk upgrade paths. Added. Thanks. ** Description changed: [Impact] There is currently no comment in the default /etc/ssh/sshd_config explaining that a systemctl daemon-reload is needed for changes to Port etc. to take effect when systemd socket activation is used (the default on Ubuntu). Users may change e.g. Port in /etc/ssh/sshd_config and expect systemctl restart ssh.service to reflect the change, but this will not work. [Test Plan] - The proposed fix here is to improve the documentation by adding a + 1. The proposed fix here is to improve the documentation by adding a comment above the default Port setting in /etc/ssh/sshd_config. Hence, the test is to simply install openssh-server from noble-proposed, and verify that the comment is there. + + 2. Because the patch changes the default sshd_config, and + debian/openssh-server.ucf-md5sum needs to be updated when this happens, + an upgrade from noble to oracular should be done after installing + openssh-server from noble-proposed. If a debconf prompt is shown, then a + mistake was made in recording the checksums. Otherwise, they are + correct. [Where problems could occur] There is low technical risk, but we should be sure that the documentation is clear and improves the experience of users. It could be harmful if the documentation accidentally makes things worse, or is just confusing. Also, a packaging quirk of openssh-server is that checksums of the patched sshd_config (along with certain settings tweaked) need to be recorded in debian/openssh-server.ucf-md5sum to avoid unnecessary debconf prompts on upgrades. I have updated those checksums, but if they are incorrent, then in future upgrades users might see an unnecessary debconf prompt about /etc/ssh/sshd_config. [Original Description] Changing the Port directive in sshd_config and restarting ssh.service is without effect, sshd keeps listening to port 22. Also mentioned in https://discourse.ubuntu.com/t/sshd-now-uses-socket- based-activation-ubuntu-22-10-and-later/30189/32 Steps to reproduce: 1. Install Ubuntu 24.04 LTS 2. Change Port directive in /etc/ssh/sshd_config to Port 2233 3. Restart ssh.service 4. Observe sshd still listening to port 22 Expected behaviour: sshd changes port to 2233 Actual behaviour: sshd keeps listening to port 22 -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2069041 Title: Changing Port in sshd_config requires calling systemctl daemon-reload To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/openssh/+bug/2069041/+subscriptions -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2069041] Re: Changing Port in sshd_config requires calling systemctl daemon-reload
This isn't a full review, but in passing I saw: > Also, a packaging quirk of openssh-server is that checksums of the patched sshd_config (along with certain settings tweaked) need to be recorded in debian/openssh-server.ucf-md5sum to avoid unnecessary debconf prompts on upgrades. I have updated those checksums, but if they are incorrent, then in future upgrades users might see an unnecessary debconf prompt about /etc/ssh/sshd_config. Please add to the Test Plan to verify that there are no conffile prompts in the at-risk upgrade paths. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2069041 Title: Changing Port in sshd_config requires calling systemctl daemon-reload To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/openssh/+bug/2069041/+subscriptions -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2069041] Re: Changing Port in sshd_config requires calling systemctl daemon-reload
** Changed in: openssh (Ubuntu Noble) Status: Triaged => In Progress -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2069041 Title: Changing Port in sshd_config requires calling systemctl daemon-reload To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/openssh/+bug/2069041/+subscriptions -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
