Re: No ssh service after upgrade from trixie Sid to forky Sid

To: debian-user@lists.debian.org
Subject: Re: No ssh service after upgrade from trixie Sid to forky Sid
From: "Thomas Schmitt" <scdbackup@gmx.net>
Date: Sat, 13 Sep 2025 11:31:31 +0200
Message-id: <[🔎] 27858476058319374333@scdbackup.webframe.org>
In-reply-to: <[🔎] 10a2tfn$5jt$1@ciao.gmane.io>
References: <[🔎] 10a2tfn$5jt$1@ciao.gmane.io>

Hi,

Max Nikulin
> I am curious if "Conflicts" in gnome-themes-extra-data for earlier version
> of gnome-themes-standard-data may help to avoid this kind of issue.

It looks like "gnome-themes-standard-data" is kindof a zombie package.

The showstopper was an alleged conflict about file
/usr/share/themes/Adwaita/gtk-2.0/apps.rc
between
https://packages.debian.org/sid/all/gnome-themes-extra-data/filelist
and
gnome-themes-standard-data
for which i find no package tracker page.

In the running trixie VM i don't find this conflict or the complained
package "gnome-themes-standard-data" :
-----------------------------------------------------------------------
$ apt-file search 'Adwaita/gtk-2.0/apps.rc'
gnome-themes-extra-data: /usr/share/themes/Adwaita/gtk-2.0/apps.rc
$ apt-file search gnome-themes-standard-data
$
-----------------------------------------------------------------------
The same is reported on the pre-trixie Sid from which the upgrade
adventure began.

But
dpkg -l dpkg -l gnome-themes'*'
reports on trixie among other lines

ii gnome-themes-standard-data 3.22.3-1 all Adwaita GTK+ 2 theme — common files

and the same on pre-trixie Sid.

There is
https://packages.debian.org/bullseye/gnome-themes-standard
but not
https://packages.debian.org/buster/gnome-themes-standard
https://packages.debian.org/bookworm/gnome-themes-standard
https://packages.debian.org/sid/gnome-themes-standard
and no "gnome-themes-standard-data".

The internet says that "gnome-themes-standard-data" once existed in
Debian 9.

I ran on trixie:
-----------------------------------------------------------------------
# apt-get purge gnome-themes-standard-data
The following packages were automatically installed and are no longer required:
...
... the list does not contain any gnome-theme* name ...
...
Removing gnome-themes-standard-data (3.22.3-1) ...
# dpkg -l gnome-themes'*'
...
un gnome-themes-standard-data <none> <none> (no description available)
#
-----------------------------------------------------------------------
Now i hope that this problem will not bite again when i upgrade to Sid.

(But first i need to clean up in /etc/ssh/sshd_config so that the next
upgrade does not spoil the ssh service if any of them becomes an
unsuported feature.)

> As to ssh and libssl, my guess is that at certain point of upgrade process
> available (or running) executable file was inconsistent with dynamically
> loaded libraries present in the file system.

apt --fix-broken install
finally fixed it up to a point where only the outdated configuration
line
PubkeyAcceptedKeyTypes +ssh-dss
prevented the start of the ssh service. No "Unpacking" lines appeared
during this run.
There were lines about openssh-server:
-----------------------------------------------------------------------
Setting up openssh-server (1:10.0p1-7) ...
Installing new version of config file /etc/pam.d/sshd ...
Installing new version of config file /etc/ssh/moduli ...
/etc/ssh/sshd_config line 19: Deprecated option KeyRegenerationInterval
/etc/ssh/sshd_config line 20: Deprecated option ServerKeyBits
/etc/ssh/sshd_config line 31: Deprecated option RSAAuthentication
/etc/ssh/sshd_config line 38: Deprecated option RhostsRSAAuthentication
/etc/ssh/sshd_config line 91: Bad key types '+ssh-dss'.
Finishing upgrade from pre-9.8 monolithic sshd ...
Removing 'diversion of /usr/sbin/sshd to /usr/sbin/sshd.session-split by openssh-client'
Could not execute systemctl: at /usr/bin/deb-systemd-invoke line 148.
ssh.socket is a disabled or a static unit not running, not starting it.
-----------------------------------------------------------------------

So i guess the new sshd binary was already on the disk but not
activated so that the old sshd binary tried to run, but encountered the
already activated new library.
-----------------------------------------------------------------------
Sep 11 21:15:30 ts6-sid sshd[31635]: OpenSSL version mismatch. Built against 30000090, you have 30500010
-----------------------------------------------------------------------
On trixie i get from dpkg -l openssl :
ii openssl 3.5.1-1 amd64 ...

On the pre-trixie Sid i get:
ii openssl 3.0.10-1 amd64 ...
but would have expected from the error message 3.0.9 rather than
3.0.10.

ldd /usr/sbin/sshd
does not show any name with "ssl" on pre-trixie and trixie alike.
apt-file search ssl
yields among many others
libssl3: /usr/lib/x86_64-linux-gnu/libssl.so.3
about which dpkg -l says:
ii libssl3:amd64 3.0.10-1 amd64

So it's still unclear to me from where the "9" in "30000090" came
and why it was not "30000100".

Have a nice day :)

Thomas

Reply to:

Follow-Ups:
- [Solved] Re: No ssh service after upgrade from trixie Sid to forky Sid
  - From: "Thomas Schmitt" <scdbackup@gmx.net>

References:
- Re: No ssh service after upgrade from trixie Sid to forky Sid
  - From: Max Nikulin <manikulin@gmail.com>

Prev by Date: Re: Specialized disk directory tools
Next by Date: Re: Specialized disk directory tools
Previous by thread: Re: No ssh service after upgrade from trixie Sid to forky Sid
Next by thread: [Solved] Re: No ssh service after upgrade from trixie Sid to forky Sid
Index(es):
- Date
- Thread