Bug#566831: sshd started after upgrade even if not running and disabled

To: submit@bugs.debian.org
Subject: Bug#566831: sshd started after upgrade even if not running and disabled
From: MP <singularita@gmail.com>
Date: Mon, 25 Jan 2010 12:29:12 +0100
Message-id: <3c2d50501001250329s61c13d36p8e3b491c54aef2c3@mail.gmail.com>
Reply-to: MP <singularita@gmail.com>, 566831@bugs.debian.org

Package: openssh-server
Version: 1:5.2p1-2

I have configured ssh-server to be not running by default (no symlink
in rc*.d directories to /etc/init.d/ssh), since I start the sshd only
rarely and only when I'm on "secure" network. And even though ssh was
not running, upgrading ssh via apt-get "restarted" the server,
effectively starting it:

Setting up openssh-server (1:5.2p1-2) ...
update-rc.d: warning: ssh start runlevel arguments (2 3 4 5) do not
match LSB Default-Start values (none)
update-rc.d: warning: ssh stop runlevel arguments (none) do not match
LSB Default-Stop values (1)
Restarting OpenBSD Secure Shell server: sshd.

I think the sshd should only be restarted when it is actually running,
otherwise it can open up to password-guessing attacks or alike on some
configurations when I do not expect sshd to be automatically running
in first place...

Reply to:

Follow-Ups:
- Bug#566831: sshd started after upgrade even if not running and disabled
  - From: Colin Watson <cjwatson@debian.org>

Prev by Date: Bug#280609: toots ies profl igate foreg o weara bilit y felin es
Next by Date: Bug#566831: sshd started after upgrade even if not running and disabled
Previous by thread: Bug#280609: toots ies profl igate foreg o weara bilit y felin es
Next by thread: Bug#566831: sshd started after upgrade even if not running and disabled
Index(es):
- Date
- Thread