[Bug 1691826] Re: systemd script for sshd allows it to start too early should wait for authentication services...
Jonathan Gutow
gutow at uwosh.edu
Fri May 19 15:20:22 UTC 2017
I recreated the sshd account locally on the machine and it now starts
the sshd daemon correctly using the default ssh.service file. I am
withdrawing this bug report. If I see the sshd account disappear again,
I will open another bug report on that.
** No longer affects: cloud-init (Ubuntu)
--
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to openssh in Ubuntu.
https://bugs.launchpad.net/bugs/1691826
Title:
systemd script for sshd allows it to start too early should wait for
authentication services...
Status in openssh package in Ubuntu:
Invalid
Bug description:
After the most recent update to 16.04 I found that sshd failed to
launch on bootup. On my particular system this is because it was not
able to authenticate the user 'sshd'. It appears to be because it is
starting before authentication services are completely available on my
system. A simple fix was to make the following change to
/lib/systemd/system/ssh.service:
--After=network.target auditd.service
++After=network.target auditd.service accounts-daemon.service
Starting too early might be a security issue, but I do not have the
expertise to make that judgment. This may also be related to and solve
this bug #1024475 as I am also serving some of my accounts from ldap.
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/openssh/+bug/1691826/+subscriptions
More information about the foundations-bugs
mailing list