Bug#645788: openssh-server: Workaround
Package: openssh-server
Version: 1:7.9p1-10
Followup-For: Bug #645788
Dear Maintainer,
Authentication always failed when using sshd server launched from xinetd.
Issue was track down to the fact that sshd systemd script created a /run/sshd directory.
But that directory does not exist when called from xinetd.
Workarround was to place a conf file on /etc/tmffiles.d
---snip (sshd.conf)
d /run/sshd 0700 root root
---snip
This creates the required diretory during system startup on the dynamic /run (tmpfs).
I suggest removing the creation/deletion of the /run/sshd diretory from the ssh.service
systemd service script, and placing a tmpfiles conf to do the same at startup.
That would work in both cases (standalone service and xinetd helper).
-- System Information:
Debian Release: 10.0
APT prefers stable
APT policy: (500, 'stable')
Architecture: amd64 (x86_64)
Kernel: Linux 4.19.0-5-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_GB.UTF-8, LC_CTYPE=pt_PT.UTF-8 (charmap=UTF-8) (ignored: LC_ALL set to en_GB.UTF-8), LANGUAGE=en_GB:en (charmap=UTF-8) (ignored: LC_ALL set to en_GB.UTF-8)
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled
Versions of packages openssh-server depends on:
ii adduser 3.118
ii debconf [debconf-2.0] 1.5.71
ii dpkg 1.19.7
ii libaudit1 1:2.8.4-3
ii libc6 2.28-10
ii libcom-err2 1.44.5-1
ii libgssapi-krb5-2 1.17-3
ii libkrb5-3 1.17-3
ii libpam-modules 1.3.1-5
ii libpam-runtime 1.3.1-5
ii libpam0g 1.3.1-5
ii libselinux1 2.8-1+b1
ii libssl1.1 1.1.1c-1
ii libsystemd0 241-5
ii libwrap0 7.6.q-28
ii lsb-base 10.2019051400
ii openssh-client 1:7.9p1-10
ii openssh-sftp-server 1:7.9p1-10
ii procps 2:3.3.15-2
ii ucf 3.0038+nmu1
ii zlib1g 1:1.2.11.dfsg-1
Versions of packages openssh-server recommends:
ii libpam-systemd 241-5
ii ncurses-term 6.1+20181013-2
ii xauth 1:1.0.10-1
Versions of packages openssh-server suggests:
pn molly-guard <none>
pn monkeysphere <none>
pn rssh <none>
pn ssh-askpass <none>
pn ufw <none>
-- debconf information:
openssh-server/permit-root-login: true
openssh-server/password-authentication: true
Reply to: