2920 – Centos7.4, openssh 7.4p1 upgrade openssh 7.8p1, sshd service restart failed

Bug 2920 - Centos7.4, openssh 7.4p1 upgrade openssh 7.8p1, sshd service restart failed

Summary: Centos7.4, openssh 7.4p1 upgrade openssh 7.8p1, sshd service restart failed

Status:	CLOSED INVALID

Alias:	None

Product:	Portable OpenSSH
Classification:	Unclassified
Component:	ssh (show other bugs)
Version:	7.4p1
Hardware:	All Linux

Importance:	P5 security
Assignee:	Assigned to nobody

URL:
Keywords:

Depends on:
Blocks:

Reported:	2018-10-19 22:28 AEDT by zsz
Modified:	2019-05-03 14:42 AEST (History)
CC List:	2 users (show)

See Also:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description zsz 2018-10-19 22:28:47 AEDT

Centos7.4, openssh 7.4p1 upgrade openssh 7.8p1, sshd service restart failed.

Please help me solve the problem, thank you.

prompt：

[root@xtjg-centos74 ~]# service sshd start
Starting sshd (via systemctl):  Job for sshd.service failed because a timeout was exceeded. See "systemctl status sshd.service" and "journalctl -xe" for details.
[失败]
[root@xtjg-centos74 ~]# systemctl status sshd.service
● sshd.service - OpenSSH server daemon
   Loaded: loaded (/usr/lib/systemd/system/sshd.service; enabled; vendor preset: enabled)
   Active: activating (auto-restart) (Result: timeout) since 五 2018-10-19 19:25:57 CST; 17s ago
     Docs: man:sshd(8)
           man:sshd_config(5)
  Process: 2182 ExecStart=/usr/sbin/sshd -D $OPTIONS (code=exited, status=0/SUCCESS)
 Main PID: 2182 (code=exited, status=0/SUCCESS)
    Tasks: 7
   CGroup: /system.slice/sshd.service
           ├─1743 sshd: root@pts/0
           ├─1745 -bash
           ├─1815 sshd: root@pts/1
           ├─1817 -bash
           ├─2138 sshd: root@notty
           ├─2140 /usr/libexec/sftp-server
           └─2199 systemctl status sshd.service

10月 19 19:25:57 xtjg-centos74 systemd[1]: Failed to start OpenSSH server daemon.
10月 19 19:25:57 xtjg-centos74 systemd[1]: Unit sshd.service entered failed state.
10月 19 19:25:57 xtjg-centos74 systemd[1]: sshd.service failed.
[root@xtjg-centos74 ~]# journalctl -xe
10月 19 19:23:44 xtjg-centos74 systemd[1]: sshd.service start operation timed out. Terminating.
10月 19 19:23:44 xtjg-centos74 sshd[2129]: Received signal 15; terminating.
10月 19 19:23:44 xtjg-centos74 systemd[1]: Failed to start OpenSSH server daemon.
-- Subject: Unit sshd.service has failed
-- Defined-By: systemd
-- Support: http://lists.freedesktop.org/mailman/listinfo/systemd-devel
-- 
-- Unit sshd.service has failed.
-- 
-- The result is failed.
10月 19 19:23:44 xtjg-centos74 systemd[1]: Unit sshd.service entered failed state.
10月 19 19:23:44 xtjg-centos74 systemd[1]: sshd.service failed.
10月 19 19:23:44 xtjg-centos74 polkitd[785]: Unregistered Authentication Agent for unix-process:2163:163415 (system bus name :1.66, objec
10月 19 19:24:27 xtjg-centos74 systemd[1]: sshd.service holdoff time over, scheduling restart.
10月 19 19:24:27 xtjg-centos74 systemd[1]: Starting OpenSSH server daemon...
-- Subject: Unit sshd.service has begun start-up
-- Defined-By: systemd
-- Support: http://lists.freedesktop.org/mailman/listinfo/systemd-devel
-- 
-- Unit sshd.service has begun starting up.
10月 19 19:24:27 xtjg-centos74 sshd[2182]: Server listening on 0.0.0.0 port 22.
10月 19 19:24:27 xtjg-centos74 sshd[2182]: Server listening on :: port 22.
10月 19 19:25:57 xtjg-centos74 systemd[1]: sshd.service start operation timed out. Terminating.
10月 19 19:25:57 xtjg-centos74 sshd[2182]: Received signal 15; terminating.
10月 19 19:25:57 xtjg-centos74 systemd[1]: Failed to start OpenSSH server daemon.
-- Subject: Unit sshd.service has failed
-- Defined-By: systemd
-- Support: http://lists.freedesktop.org/mailman/listinfo/systemd-devel
-- 
-- Unit sshd.service has failed.
-- 
-- The result is failed.
10月 19 19:25:57 xtjg-centos74 systemd[1]: Unit sshd.service entered failed state.
10月 19 19:25:57 xtjg-centos74 systemd[1]: sshd.service failed.
[root@xtjg-centos74 ~]# sshd -T
port 22
addressfamily any
listenaddress [::]:22
listenaddress 0.0.0.0:22
logingracetime 120
x11displayoffset 10
maxauthtries 6
maxsessions 10
clientaliveinterval 0
clientalivecountmax 3
streamlocalbindmask 0177
permitrootlogin yes
ignorerhosts yes
ignoreuserknownhosts no
hostbasedauthentication no
hostbasedusesnamefrompacketonly no
pubkeyauthentication yes
passwordauthentication yes
kbdinteractiveauthentication yes
challengeresponseauthentication yes
printmotd yes
printlastlog yes
x11forwarding no
x11uselocalhost yes
permittty yes
permituserrc yes
strictmodes yes
tcpkeepalive yes
permitemptypasswords no
compression yes
gatewayports no
usedns no
allowtcpforwarding yes
allowagentforwarding yes
disableforwarding no
allowstreamlocalforwarding yes
streamlocalbindunlink no
fingerprinthash SHA256
exposeauthinfo no
pidfile /var/run/sshd.pid
xauthlocation /usr/bin/xauth
ciphers chacha20-poly1305@openssh.com,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com
macs umac-64-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-sha1-etm@openssh.com,umac-64@openssh.com,umac-128@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1
banner none
forcecommand none
chrootdirectory none
trustedusercakeys none
revokedkeys none
authorizedprincipalsfile none
versionaddendum none
authorizedkeyscommand none
authorizedkeyscommanduser none
authorizedprincipalscommand none
authorizedprincipalscommanduser none
hostkeyagent none
kexalgorithms curve25519-sha256,curve25519-sha256@libssh.org,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,diffie-hellman-group14-sha256,diffie-hellman-group14-sha1
hostbasedacceptedkeytypes ecdsa-sha2-nistp256-cert-v01@openssh.com,ecdsa-sha2-nistp384-cert-v01@openssh.com,ecdsa-sha2-nistp521-cert-v01@openssh.com,ssh-ed25519-cert-v01@openssh.com,rsa-sha2-512-cert-v01@openssh.com,rsa-sha2-256-cert-v01@openssh.com,ssh-rsa-cert-v01@openssh.com,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,ssh-ed25519,rsa-sha2-512,rsa-sha2-256,ssh-rsa
hostkeyalgorithms ecdsa-sha2-nistp256-cert-v01@openssh.com,ecdsa-sha2-nistp384-cert-v01@openssh.com,ecdsa-sha2-nistp521-cert-v01@openssh.com,ssh-ed25519-cert-v01@openssh.com,rsa-sha2-512-cert-v01@openssh.com,rsa-sha2-256-cert-v01@openssh.com,ssh-rsa-cert-v01@openssh.com,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,ssh-ed25519,rsa-sha2-512,rsa-sha2-256,ssh-rsa
pubkeyacceptedkeytypes ecdsa-sha2-nistp256-cert-v01@openssh.com,ecdsa-sha2-nistp384-cert-v01@openssh.com,ecdsa-sha2-nistp521-cert-v01@openssh.com,ssh-ed25519-cert-v01@openssh.com,rsa-sha2-512-cert-v01@openssh.com,rsa-sha2-256-cert-v01@openssh.com,ssh-rsa-cert-v01@openssh.com,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,ssh-ed25519,rsa-sha2-512,rsa-sha2-256,ssh-rsa
rdomain none
loglevel INFO
syslogfacility AUTH
authorizedkeysfile .ssh/authorized_keys
hostkey /etc/ssh/ssh_host_rsa_key
hostkey /etc/ssh/ssh_host_ecdsa_key
hostkey /etc/ssh/ssh_host_ed25519_key
authenticationmethods any
subsystem sftp /usr/libexec/sftp-server
maxstartups 10:30:100
permittunnel no
ipqos af21 cs1
rekeylimit 0 0
permitopen any
permitlisten any
permituserenvironment no
[root@xtjg-centos74 ~]#

Comment 1 Damien Miller 2018-11-09 13:53:33 AEDT

This looks like a configuration problem between systemd and sshd. sshd is starting up normally, but systemd is killing it moments later. I'd check that your systemd configuration is correctly detecting sshd's startup.

I'll close this bug, but please use the openssh-unix-dev@ mailing list for configuration problems like this. https://www.openssh.com/report.html

Comment 2 Damien Miller 2019-05-03 14:42:32 AEST

Move resolved bugs -> CLOSED after 8.0 release