Control: severity -1 wishlist On Mon, Apr 21, 2025 at 02:49:14PM +0200, Chris Hofstaedtler wrote:
* Martin-Éric Racine <martin-eric.racine@iki.fi> [250421 14:42]:The systemd unit current launches: After=network.target remote-fs.target nss-lookup.target This doesn't guarantee that we have acquired an IP address (see: https://www.freedesktop.org/wiki/Software/systemd/NetworkTarget/). Because of this, binding to an address using e.g. 'ListenAddress 192.168.1.12' will make sshd fail to launch if the interface hasn't acquired an IP yet. network-online.target should probably be added to the above to positively ensure that we've acquired an IP before sshd launches.network-online.target makes no guarantees on addresses, or even the specific address configured in sshd.conf.
Yeah, I think the requested change would be counterproductive for other users: a lot of people want sshd enabled as soon as possible, and most people don't explicitly set ListenAddress.
If it helps in your local setup, I'd encourage you to use a local override file.
I'd be happy to add additional advice about this to README.Debian if somebody else writes it. But ideally it'd be more fine-grained than just whacking in a dependency on network-online.target; perhaps we can advise people how to configure their system so that ssh.service waits for a particular interface to come up.
Thanks, -- Colin Watson (he/him) [cjwatson@debian.org]