[BUG] [9.7_p1-r4-ls174] is broken, sshd not started #95
Comments
|
Thanks for opening your first issue here! Be sure to follow the relevant issue templates, or risk having this issue marked as invalid. |
|
Please provide the sshd logs from /config/logs/openssh/current I can't replicate this issue with either a clean or existing install so it suggests something environmental at work. |
|
Hi! I am experiencing a similar issue, at least similar symptoms. The issue for me seems to be related to the recent changes to the directory permissions of /config/ssh_host_keys. I am using a custom user (PUID/PGID/USER_NAME) and SUDO_ACCESS=false. The startup fails with |
|
|
In my case, it's just I reverted back to 9.7_p1-r4-ls173, which works fine. |
Thank you! Here is the log |
Yes, in ls173 that folder was owned by the user, in ls174 /config/ssh_host_keys is owned by root so this must be the reason. |
|
Ugh, people have obviously been fiddling with their folder permissions, the default is I'll do a PR to fix the permissions on the folder and keys for anyone that's changed them. |
|
The PR fix for this issue caused other issues. The host keys are required to be |
Is having a single user for the service itself and for the login like trying to square the circle? In order to prevent a logged in user from doing something silly/harmful/unintended (incl. accessing the server's private key, changing the config, ...), it might be cleaner to run the service as a different user from the one being used for logins. |
|
That's something you can't do unless sshd is running as root because it needs to setuid when a user other than the one running sshd tries to login. You either run as root or you're limited to logging in as the user that runs sshd. #97 should fix the issue; fundamentally it's caused by sshd_config and the host keys sharing the same directory and needing different permissions, so splitting them up solves it without too much fuss. |
Is there an existing issue for this?
Current Behavior
sshd not started in the latest image [9.7_p1-r4-ls174] but old image [9.7_p1-r4-ls173] works fine.
Expected Behavior
sshd started.
Steps To Reproduce
Environment
CPU architecture
x86-64
Docker creation
Container logs
[migrations] started [migrations] no migrations found ─────────────────────────────────────── ██╗ ███████╗██╗ ██████╗ ██║ ██╔════╝██║██╔═══██╗ ██║ ███████╗██║██║ ██║ ██║ ╚════██║██║██║ ██║ ███████╗███████║██║╚██████╔╝ ╚══════╝╚══════╝╚═╝ ╚═════╝ Brought to you by linuxserver.io ─────────────────────────────────────── To support LSIO projects visit: https://www.linuxserver.io/donate/ ─────────────────────────────────────── GID/UID ─────────────────────────────────────── User UID: 1000 User GID: 1000 ─────────────────────────────────────── Linuxserver.io version: 9.7_p1-r4-ls174 Build-date: 2024-11-22T16:51:16+00:00 ─────────────────────────────────────── User name is set to xxxx sudo is disabled. SSH host public key(s): ssh-dss AAAAB3Nza...k0M= root@openssh-server ecdsa-sha2-nistp256 AAAAE2...Q0KjA8= root@openssh-server ssh-ed25519 AAAAC...maExsw6aAX root@openssh-server ssh-rsa AAAAB3...WbBU= root@openssh-server sshd is listening on port 2222 User/password ssh access is disabled. [custom-init] No custom files found, skipping...The text was updated successfully, but these errors were encountered: