On Sat, Feb 20, 2010 at 03:36:20PM +0000, Nuno Magalhães
wrote:
> Come to think of it i don't know why i would also copy the
> init script, 'cos that evidently screwed any attempt at a
> clean reboot.
Yes copying it is not good enough, you will also need to
make edits to it to make sure that it uses a different
daemon name, different PID file location, and to make sure
that the ssh2 binary referenced the sshd_config2 file you
created earlier (it won't just figure that out by itself!)
You would also need to make sure the relevant runlevel
scripts were in place (or if you are using upstart or
similar, configure that appropriately)
This is a lot of unnecessary work to make a cosmetic change
to the SSH banner.
> Fortunately my host's reachable by phone, we scheduled a
> reboot. Didn't work, i wasn't even getting error messages
> again, just connection refused[1], on both ports, by the
> new version. They opened console through vnc, i ran some
> updates, upgrades, purges and what not and it's back
> working again, with the old version.
So, essentially, in your attempts to avoid a potential
service disruption by restarting the running sshd daemon,
due to a fear you would lock yourself out, despite several
people pointing out that it doesn't break client connections
so you could back out your single change and re-restart the
daemon, for a change you want to make which is merely
cosmetic and essentially a waste of time, you managed to
break your ssh init scripts, force at least one reboot and
lose your access to the box.
Seriously:
***restarting the sshd listening daemon does not stop
your existing ssh client sessions!***
For such a small change, with such a low likelyhood of going
wrong, you can just make it, restart the daemon, confirm the
daemon is still listening, and you're done. And if it
wasn't listening, back out your single, small, change,
restart the daemon again, and you're back where you started.
--
Jon Dowland
Attachment:
signature.asc
Description: Digital signature