3179 – sshd bind function and IPv6 neighbor discovery

Bug 3179 - sshd bind function and IPv6 neighbor discovery

Summary: sshd bind function and IPv6 neighbor discovery

Status:	CLOSED WONTFIX

Alias:	None

Product:	Portable OpenSSH
Classification:	Unclassified
Component:	sshd (show other bugs)
Version:	8.2p1
Hardware:	ARM64 Linux

Importance:	P5 normal
Assignee:	Assigned to nobody

URL:
Keywords:

Depends on:
Blocks:

Reported:	2020-06-08 22:02 AEST by kircher
Modified:	2021-03-04 09:52 AEDT (History)
CC List:	1 user (show)

See Also:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description kircher 2020-06-08 22:02:21 AEST

When I configure a service file in systemd for my /usr/sbin/sshd file, 
I write a dependency statement such as After=network-online.target. 

...
[Unit]
Description=OpenSSH server daemon
Documentation=man:sshd(8) man:sshd_config(5)
After=network-online.target sshd-keygen.target
Wants=sshd-keygen.target
...

However, when I configured some special IPv6 addresses for my network adapter,
 I restarted the machine and found that the bind function of sshd failed to 
 bind such IP addresses. The reason is that when the bind function is called, 
 the IPv6 address is not in the neighbor discovery state 
 and does not take effect completely. 
 
 Therefore, I wonder whether the bind function policy in sshd can be modified accordingly.
 For example, the network address status can be detected first.

Comment 1 Damien Miller 2020-06-26 14:03:52 AEST

Enforcing the external preconditions are met is the job of systemd and/or NetworkManager, not sshd.

I think they already offer a knob that allows this, e.g. this bug report from a similar situation https://bugzilla.redhat.com/show_bug.cgi?id=1713478#c11

Comment 2 Damien Miller 2021-03-04 09:52:50 AEDT

close bugs that were resolved in OpenSSH 8.5 release cycle