Bug#1103773: openssh-server: systemd unit to After=network-online.target

To: Colin Watson <cjwatson@debian.org>
Cc: 1103773@bugs.debian.org, Martin-Éric Racine <martin-eric.racine@iki.fi>
Subject: Bug#1103773: openssh-server: systemd unit to After=network-online.target
From: Chris Hofstaedtler <zeha@debian.org>
Date: Mon, 21 Apr 2025 19:16:46 +0200
Message-id: <[🔎] dywatnshrtzbcvuaqxehiwwf3zsa5tjvs65pqn5aaicbzzm3oa@kqb5qcylteka>
Reply-to: Chris Hofstaedtler <zeha@debian.org>, 1103773@bugs.debian.org
In-reply-to: <[🔎] aAZ7zVIiDRwKgM0f@riva.ucam.org>
References: <[🔎] 174523911986.1803.16374250241374609704.reportbug@p8h62.internal> <[🔎] 174523911986.1803.16374250241374609704.reportbug@p8h62.internal> <[🔎] gmqgviwwl62jgo4jrl4pklhrwije22gv57btbdnweryhradsqb@u3ynsvx65vsr> <[🔎] aAZ7zVIiDRwKgM0f@riva.ucam.org> <[🔎] 174523911986.1803.16374250241374609704.reportbug@p8h62.internal>

* Colin Watson <cjwatson@debian.org> [250421 19:09]:

Yeah, I think the requested change would be counterproductive forother users: a lot of people want sshd enabled as soon as possible,and most people don't explicitly set ListenAddress.

+1

If it helps in your local setup, I'd encourage you to use a localoverride file.
I'd be happy to add additional advice about this to README.Debian ifsomebody else writes it. But ideally it'd be more fine-grained thanjust whacking in a dependency on network-online.target; perhaps we canadvise people how to configure their system so that ssh.service waitsfor a particular interface to come up.

Another way might be to set IP_FREEBIND, possibly with an sshdconfig option.

Personally I just enable the ip_nonlocal_bind sysctl on machineswhere I intend to bind services (not just sshd) to specific IPaddresses.


Chris

Reply to:

Follow-Ups:
- Bug#1103773: openssh-server: systemd unit to After=network-online.target
  - From: Colin Watson <cjwatson@debian.org>

References:
- Bug#1103773: openssh-server: systemd unit to After=network-online.target
  - From: Martin-Éric Racine <martin-eric.racine@iki.fi>
- Bug#1103773: openssh-server: systemd unit to After=network-online.target
  - From: Chris Hofstaedtler <zeha@debian.org>
- Bug#1103773: openssh-server: systemd unit to After=network-online.target
  - From: Colin Watson <cjwatson@debian.org>

Prev by Date: Bug#1103392: marked as done (incorrect signature when ssh'ing to an AIX server (Big Endian) from X86 (Little endian))
Next by Date: Bug#1103773: openssh-server: systemd unit to After=network-online.target
Previous by thread: Bug#1103773: openssh-server: systemd unit to After=network-online.target
Next by thread: Bug#1103773: openssh-server: systemd unit to After=network-online.target
Index(es):
- Date
- Thread