Weird ssh process under debian 9 image provided

lpyparmentier · April 16, 2021, 11:04am

Hello everyone,

I’ve recently installed debian 9 gui on my rock pi 4 b model (emmc card), that i’ve upgraded to debian buster.

I’ve change some configuration related to ssh (/etc/ssh/sshd_config), which is something pretty common by people that secure their access.

When I restart ssh (systemctl restart ssh), everything is taken in consideration, however when i reboot the board, the ssh process started never came through the /etc/ssh/sshd_config. I’ve explicitly used another port and set AddressFamily to inet in order to listen on the ip v4.

After the reboot, we can see through netstat that nothing has been set-up (ssh on ip6 with the default port 22):

root@rockpi4-services:~# netstat -nltp
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name    
tcp        0      0 127.0.0.53:53           0.0.0.0:*               LISTEN      391/systemd-resolve 
tcp        0      0 0.0.0.0:5355            0.0.0.0:*               LISTEN      391/systemd-resolve 
tcp6       0      0 :::22                   :::*                    LISTEN      1/init              
tcp6       0      0 :::5355                 :::*                    LISTEN      391/systemd-resolve

In fact, if i check the services, they are dead ?! (not started and managed by systemd?!)

root@rockpi4-services:~# systemctl status ssh
● ssh.service - OpenBSD Secure Shell server
   Loaded: loaded (/lib/systemd/system/ssh.service; enabled; vendor preset: enabled)
   Active: inactive (dead)
     Docs: man:sshd(8)
           man:sshd_config(5)

root@rockpi4-services:~# /etc/init.d/ssh status
● ssh.service - OpenBSD Secure Shell server
   Loaded: loaded (/lib/systemd/system/ssh.service; enabled; vendor preset: enabled)
   Active: inactive (dead)
     Docs: man:sshd(8)
           man:sshd_config(5)

However, when I just type: /usr/sbin/sshd, it correctly start the process with the configuration (ipv4 and another ssh port). I’m unable to explain what’s going on… I’ve also tried to pass the file in /etc/default/ssh:SSHD_OPTS="-f /etc/ssh/sshd_config" but nothing happen.

Could someone help me with what’s going on ?

sfo · August 16, 2021, 10:07am

I’m seeing the same problem and need a fix.

$ sudo reboot

# system boots

$ sudo systemctl status ssh
● ssh.service - OpenBSD Secure Shell server
   Loaded: loaded (/lib/systemd/system/ssh.service; enabled; vendor preset: enabled)
   Active: inactive (dead)
     Docs: man:sshd(8)
           man:sshd_config(5)

$ ps -ef|grep ssh
linaro    1071  1029 0 09:53 pts/0    00:00:00 grep ssh

$ ssh localhost
The authenticity of host 'localhost (::1)' can not be established.
ECDSA key fingerprint is SHA256:...
Are you sure you want to continue connecting (yes/no)? no
Host key verification failed.

$ sudo ss -tnlp
State  Recv-Q Send-Q Local Address:Port  Peer Address:Port
[...]
LISTEN      0      0               *:22                *:*     users:(("systemd", pid=1,fd=45))

$ sudo systemctl restart ssh

$ sudo ss -tnlp
State  Recv-Q Send-Q Local Address:Port  Peer Address:Port
[...]
LISTEN      0      0               *:2222              *:*     users:(("sshd", pid=1259,fd=4))

$ ssh localhost
ssh: connect to host localhost port 22: Connection refused

It seems there’s a sshd server process running after booting the RockPi that is different from the openssh-server in /usr/sbin/sshd. However I don’t understand how the “systemd-integrated” (see first output of ss above) is started.

lpyparmentier · September 2, 2021, 1:54pm

Hey, really happy that i’m not the only one. Still not fixed for me, and I’ve send an email to the support: no feedback.

lpyparmentier · September 24, 2021, 9:34am

Still no feedback, I’ll give up with the rockpi4, the community is not at the level of raspberry pi, and the most recent rpi are capable of doing nvme also. Have a great day!