[Base role] - Fix issue with ssh not restarted #664

New Issue

Closed

opened 2023-10-03 22:52:03 +02:00 by meaz · 4 comments

meaz commented

2023-10-03 22:52:03 +02:00

Owner

No description provided.

meaz added this to the 23.10 - October milestone 2023-10-03 22:52:21 +02:00

meaz commented

2023-10-04 10:57:12 +02:00

Author

Owner

It seems that ssh is restarted but when I try to ssh, I get kex_exchange_identification: read: Connection reset by peer for some CT. I then pct enter that container, check logs, I see the message Missing privilege separation directory: /run/sshd.
I just have to restart ssh and it works.

It seems that ssh is restarted but when I try to ssh, I get `kex_exchange_identification: read: Connection reset by peer` for some CT. I then pct enter that container, check logs, I see the message `Missing privilege separation directory: /run/sshd`. I just have to restart ssh and it works.

meaz commented

2023-10-28 09:30:06 +02:00

Author

Owner

So I did more search and tests. It could be a conflict between ssh.service and ssh.socket.

See:

BUT I've noticed that the issue is not from the base role. I get the exact same issue when I apt upgrade in the CT. If I exit, then I can not ssh anymore, with same error. I found that: https://forum.proxmox.com/threads/ssh-server-restart-needed-after-package-upgrades.111855/ But I didn't find anything weird in /etc/apt

Anyway, I'm stocked there @muppeth

So I did more search and tests. It could be a conflict between ssh.service and ssh.socket. See: - https://linux.debian.bugs.dist.narkive.com/doFTNqSu/bug-946180-openssh-server-occasionally-missing-privilege-separation-directory-with-ssh-socket - https://askubuntu.com/questions/1109934/ssh-server-stops-working-after-reboot-caused-by-missing-var-run-sshd BUT I've noticed that the issue is not from the base role. I get the exact same issue when I `apt upgrade` in the CT. If I exit, then I can not ssh anymore, with same error. I found that: https://forum.proxmox.com/threads/ssh-server-restart-needed-after-package-upgrades.111855/ But I didn't find anything weird in /etc/apt Anyway, I'm stocked there @muppeth

muppeth modified the milestone from 23.10 - October to 23.11 - November

2023-11-07 02:50:03 +01:00

muppeth commented

2023-11-10 23:50:22 +01:00

Owner

So seems like it's all about missing /var/run/sshd. There are two things we could do to quickly fix it.

Add task on base role to create the dir if doesnt exist
Cronjob to check if ssh is running and if the dir exist.

Perhaps cronjob would be better because it will check every so much to check if everything is fine though base is "cleaner". We could maybe start with role and if we run into issues after apt update, then we could replace this with cronjob.

So seems like it's all about missing `/var/run/sshd`. There are two things we could do to quickly fix it. 1. Add task on base role to create the dir if doesnt exist 2. Cronjob to check if ssh is running and if the dir exist. Perhaps cronjob would be better because it will check every so much to check if everything is fine though base is "cleaner". We could maybe start with role and if we run into issues after apt update, then we could replace this with cronjob.

muppeth commented

2023-11-14 00:17:02 +01:00

Owner

I went at the end with cronjob way.

meaz closed this issue

2023-11-15 18:58:07 +01:00