[Bug 1691826] Re: systemd script for sshd allows it to start too early should wait for authentication services...
Colin Watson
cjwatson at canonical.com
Fri May 19 15:10:51 UTC 2017
Right, sshd really must be a local user, so if it's currently in LDAP
then that would indeed be the problem.
I don't think this is a bug in openssh, so I'm marking this Invalid for
now, but feel free to reopen if new information arises.
** Changed in: openssh (Ubuntu)
Status: Incomplete => Invalid
--
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to openssh in Ubuntu.
https://bugs.launchpad.net/bugs/1691826
Title:
systemd script for sshd allows it to start too early should wait for
authentication services...
Status in openssh package in Ubuntu:
Invalid
Bug description:
After the most recent update to 16.04 I found that sshd failed to
launch on bootup. On my particular system this is because it was not
able to authenticate the user 'sshd'. It appears to be because it is
starting before authentication services are completely available on my
system. A simple fix was to make the following change to
/lib/systemd/system/ssh.service:
--After=network.target auditd.service
++After=network.target auditd.service accounts-daemon.service
Starting too early might be a security issue, but I do not have the
expertise to make that judgment. This may also be related to and solve
this bug #1024475 as I am also serving some of my accounts from ldap.
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/openssh/+bug/1691826/+subscriptions
More information about the foundations-bugs
mailing list