* [gentoo-dev] [RFC] News item: OpenSSH 8.2_p1 running sshd breakage
@ 2020-02-19 20:02 Patrick McLean
2020-02-19 20:12 ` Mike Gilbert
2020-02-19 21:22 ` William Hubbs
0 siblings, 2 replies; 6+ messages in thread
From: Patrick McLean @ 2020-02-19 20:02 UTC (permalink / raw
To: gentoo-dev
Title: OpenSSH 8.2_p1 running sshd breakage
Author: Patrick McLean <chutzpah@gentoo.org>
Posted: 2020-02-21
Revision: 1
News-Item-Format: 2.0
Display-If-Installed: <net-misc/openssh-8.2
If sshd is running, and a system is upgraded from <net-misc/openssh-8.2_p1
to >=net-misc/openssh-8.2_p1, any new ssh connection will fail until sshd is
restarted.
Before restarting sshd, it is *strongly* recommended that you test your
configuraton with the following command (as root):
sshd -t
If your system is booted with openrc, use this command (as root)
to restart sshd:
/etc/init.d/sshd restart
If your system is booted with systemd, use this command (as root)
to restart sshd:
systemctl restart sshd
WARNING: On systemd booted machines, this command will terminate all currently
open ssh connections, it is *strongly* reccommended that you validate
your configuration before restarting sshd.
^ permalink raw reply [flat|nested] 6+ messages in thread* Re: [gentoo-dev] [RFC] News item: OpenSSH 8.2_p1 running sshd breakage
2020-02-19 20:02 [gentoo-dev] [RFC] News item: OpenSSH 8.2_p1 running sshd breakage Patrick McLean
@ 2020-02-19 20:12 ` Mike Gilbert
2020-02-19 20:41 ` Michael Jones
2020-02-19 21:22 ` William Hubbs
1 sibling, 1 reply; 6+ messages in thread
From: Mike Gilbert @ 2020-02-19 20:12 UTC (permalink / raw
To: Gentoo Dev
On Wed, Feb 19, 2020 at 3:02 PM Patrick McLean <chutzpah@gentoo.org> wrote:
>
> Title: OpenSSH 8.2_p1 running sshd breakage
> Author: Patrick McLean <chutzpah@gentoo.org>
> Posted: 2020-02-21
> Revision: 1
> News-Item-Format: 2.0
> Display-If-Installed: <net-misc/openssh-8.2
>
> If sshd is running, and a system is upgraded from <net-misc/openssh-8.2_p1
> to >=net-misc/openssh-8.2_p1, any new ssh connection will fail until sshd is
> restarted.
>
> Before restarting sshd, it is *strongly* recommended that you test your
> configuraton with the following command (as root):
> sshd -t
>
> If your system is booted with openrc, use this command (as root)
> to restart sshd:
> /etc/init.d/sshd restart
>
> If your system is booted with systemd, use this command (as root)
> to restart sshd:
> systemctl restart sshd
>
> WARNING: On systemd booted machines, this command will terminate all currently
> open ssh connections, it is *strongly* reccommended that you validate
> your configuration before restarting sshd.
>
Existing connections are only terminated if the pam_systemd module is
not enabled. This might happen if the user has disabled USE=pam on
sys-apps/systemd, or if they have modified the system pam stack to
exclude pam_systemd.
Maybe change the warning to this:
WARNING: On systemd booted machines with PAM disabled, this command
will terminate all currently open ssh connections. It is *strongly*
recommended that you validate your configuration before restarting
sshd.
^ permalink raw reply [flat|nested] 6+ messages in thread
* Re: [gentoo-dev] [RFC] News item: OpenSSH 8.2_p1 running sshd breakage
2020-02-19 20:12 ` Mike Gilbert
@ 2020-02-19 20:41 ` Michael Jones
2020-02-19 20:59 ` Mike Gilbert
0 siblings, 1 reply; 6+ messages in thread
From: Michael Jones @ 2020-02-19 20:41 UTC (permalink / raw
To: gentoo-dev
[-- Attachment #1: Type: text/plain, Size: 1778 bytes --]
How does this effect systemd's socket activation?
E.g. The systemd sshd.socket unit file.
On Wed, Feb 19, 2020 at 2:12 PM Mike Gilbert <floppym@gentoo.org> wrote:
> On Wed, Feb 19, 2020 at 3:02 PM Patrick McLean <chutzpah@gentoo.org>
> wrote:
> >
> > Title: OpenSSH 8.2_p1 running sshd breakage
> > Author: Patrick McLean <chutzpah@gentoo.org>
> > Posted: 2020-02-21
> > Revision: 1
> > News-Item-Format: 2.0
> > Display-If-Installed: <net-misc/openssh-8.2
> >
> > If sshd is running, and a system is upgraded from
> <net-misc/openssh-8.2_p1
> > to >=net-misc/openssh-8.2_p1, any new ssh connection will fail until
> sshd is
> > restarted.
> >
> > Before restarting sshd, it is *strongly* recommended that you test your
> > configuraton with the following command (as root):
> > sshd -t
> >
> > If your system is booted with openrc, use this command (as root)
> > to restart sshd:
> > /etc/init.d/sshd restart
> >
> > If your system is booted with systemd, use this command (as root)
> > to restart sshd:
> > systemctl restart sshd
> >
> > WARNING: On systemd booted machines, this command will terminate all
> currently
> > open ssh connections, it is *strongly* reccommended that you
> validate
> > your configuration before restarting sshd.
> >
>
> Existing connections are only terminated if the pam_systemd module is
> not enabled. This might happen if the user has disabled USE=pam on
> sys-apps/systemd, or if they have modified the system pam stack to
> exclude pam_systemd.
>
> Maybe change the warning to this:
>
> WARNING: On systemd booted machines with PAM disabled, this command
> will terminate all currently open ssh connections. It is *strongly*
> recommended that you validate your configuration before restarting
> sshd.
>
>
[-- Attachment #2: Type: text/html, Size: 2443 bytes --]
^ permalink raw reply [flat|nested] 6+ messages in thread
* Re: [gentoo-dev] [RFC] News item: OpenSSH 8.2_p1 running sshd breakage
2020-02-19 20:41 ` Michael Jones
@ 2020-02-19 20:59 ` Mike Gilbert
2020-02-19 21:22 ` Michael Jones
0 siblings, 1 reply; 6+ messages in thread
From: Mike Gilbert @ 2020-02-19 20:59 UTC (permalink / raw
To: Gentoo Dev
On Wed, Feb 19, 2020 at 3:41 PM Michael Jones <gentoo@jonesmz.com> wrote:
>
> How does this effect systemd's socket activation?
>
> E.g. The systemd sshd.socket unit file.
Please avoid top-posting.
When socket-activated, a separate instance of sshd is spawned for each
connection. I don't think any action is needed in that case.
^ permalink raw reply [flat|nested] 6+ messages in thread
* Re: [gentoo-dev] [RFC] News item: OpenSSH 8.2_p1 running sshd breakage
2020-02-19 20:02 [gentoo-dev] [RFC] News item: OpenSSH 8.2_p1 running sshd breakage Patrick McLean
2020-02-19 20:12 ` Mike Gilbert
@ 2020-02-19 21:22 ` William Hubbs
1 sibling, 0 replies; 6+ messages in thread
From: William Hubbs @ 2020-02-19 21:22 UTC (permalink / raw
To: gentoo-dev
[-- Attachment #1: Type: text/plain, Size: 797 bytes --]
On Wed, Feb 19, 2020 at 12:02:51PM -0800, Patrick McLean wrote:
> Title: OpenSSH 8.2_p1 running sshd breakage
> Author: Patrick McLean <chutzpah@gentoo.org>
> Posted: 2020-02-21
> Revision: 1
> News-Item-Format: 2.0
> Display-If-Installed: <net-misc/openssh-8.2
>
> If sshd is running, and a system is upgraded from <net-misc/openssh-8.2_p1
> to >=net-misc/openssh-8.2_p1, any new ssh connection will fail until sshd is
> restarted.
>
> Before restarting sshd, it is *strongly* recommended that you test your
> configuraton with the following command (as root):
> sshd -t
>
> If your system is booted with openrc, use this command (as root)
> to restart sshd:
> /etc/init.d/sshd restart
A better choice would be:
rc-service sshd --nodeps restart
William
[-- Attachment #2: Digital signature --]
[-- Type: application/pgp-signature, Size: 195 bytes --]
^ permalink raw reply [flat|nested] 6+ messages in thread
end of thread, other threads:[~2020-02-19 21:22 UTC | newest]
Thread overview: 6+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2020-02-19 20:02 [gentoo-dev] [RFC] News item: OpenSSH 8.2_p1 running sshd breakage Patrick McLean
2020-02-19 20:12 ` Mike Gilbert
2020-02-19 20:41 ` Michael Jones
2020-02-19 20:59 ` Mike Gilbert
2020-02-19 21:22 ` Michael Jones
2020-02-19 21:22 ` William Hubbs
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox