weird sshd behaviour

When running sshd from /etc/rc.local, another sshd process is being spawned. It looks like /etc/rc.d/sshd was also being executed even though it was not enabled in /etc/rc.conf.

Code:
# cat /etc/rc.conf
# Created: Wed Mar 30 00:55:59 2011
# Enable network daemons for user convenience.
# Please make all changes to this file, not to /etc/defaults/rc.conf.
# This file now contains just the overrides from /etc/defaults/rc.conf.
sshd_enable="NO"

Code:
# cat /etc/rc.local
/usr/sbin/sshd -f /root/ssh/sshd_config -h /root/ssh/ssh_host_rsa_key

/root/ssh/sshd_config is configured to listen using port 2525.

sockstat shows two active listening sshd.
Code:
# sockstat -4L
root     sshd       1196  4  tcp4   *:22                  *:*
root     sshd       1114  4  tcp4   *:2525                *:*

Code:
# ps -aux | grep sshd
root   1114  0.0  0.1 26260  4412  ??  Ss   12:42PM   0:00.01 /usr/sbin/sshd -f /root/ssh/sshd_config -h /root/ssh/ssh_host_rsa_key
root   1196  0.0  0.1 26260  4824  ??  Is   12:42PM   0:00.00 /usr/sbin/sshd

Code:
# uname -a
FreeBSD  8.2-RELEASE FreeBSD 8.2-RELEASE #0: Thu Feb 17 02:41:51 UTC 2011     root@mason.cse.buffalo.edu:/usr/obj/usr/src/sys/GENERIC  amd64

Has anybody experienced this issue?
As a workaround, I did chmod -x /etc/rc.d/sshd to disable execution mode.
 
Maybe /etc/defaults/rc.conf has been mistakenly modified to enable sshd?

Beyond that, why not just change the system sshd config and run it through /etc/rc.d like normal?
 
I guess you did check Port in your custom /root/ssh/sshd_config:

# grep ^Port /root/ssh/sshd_config

Did you check the sockstat status after you stopped sshd? Check who spawned the process (PPID) by:

# ps -aj

Looking at your ps output it seems sshd:22 is started after /etc/rc.local.
 
Code:
# ps -aux | grep sshd
root   1114  0.0  0.1 26260  4412  ??  Ss   12:42PM   0:00.01 /usr/sbin/sshd -f /root/ssh/sshd_config -h /root/ssh/ssh_host_rsa_key
root   1196  0.0  0.1 26260  4824  ??  Is   12:42PM   0:00.00 /usr/sbin/sshd

1. The above output shows that you are running a first sshd with the default configuration from /etc/ssh/sshd_config (second line) on port 22, and another instance of the ssh daemon with the configuration at /root/ssh/sshd_config on the port you specified (2525). Just my guess.

2. Or, you might still have
Code:
sshd_enable="YES"
in /etc/default/rc.conf

Just guesswork, not an expert opinion ;-)
 
I just encountered this same problem, or nearly the same. As it turns out, sshd was being run by inetd, but the inetd-spawned version was not reading my /etc/ssh/sshd_config correctly, if at all. Disabling sshd in inetd.conf and restarting the system forced sshd to only answer on the Port I specify in sshd_config.

Not sure why the inetd-spawned sshd was ignoring this directive? The net result was that sshd was answering on my preferred port *and* on 22. Is this a bug in SSH in FreeBSD 8.2-RELEASE?

Thanks,

John
 
Don't use inetd unless you absolutely have to. It's a relic from the past.
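
As an added example (not written by any poster in this thread and not part of FreeBSD), this sh script checks the three start paths the thread discusses: sshd_enable in the rc.conf files, an active ssh line in inetd.conf, and a direct launch from rc.local. The function names and the sample files are constructed for illustration; on a real host pass /etc/defaults/rc.conf, /etc/rc.conf, /etc/inetd.conf and /etc/rc.local.

```shell
#!/bin/sh
# Added example: enumerate what could start sshd on a FreeBSD host.
# File paths are arguments so the checks can run against copies.

# Effective sshd_enable: files are read in order, the last assignment wins
# (/etc/defaults/rc.conf first, then /etc/rc.conf).
sshd_enable_value() {
    val=""
    for f in "$@"; do
        [ -r "$f" ] || continue
        v=$(sed -n 's/^[[:space:]]*sshd_enable=["'\'']\{0,1\}\([A-Za-z0-9]*\).*/\1/p' "$f" | tail -n 1)
        if [ -n "$v" ]; then val=$v; fi
    done
    echo "${val:-unset}"
}

# Active (uncommented) ssh service lines in inetd.conf. inetd owns that
# listening socket, so the Port directive in sshd_config does not move it.
inetd_ssh_lines() {
    [ -r "$1" ] || return 0
    grep -E '^[[:space:]]*ssh[[:space:]]' "$1" || true
}

# Uncommented lines in a script such as rc.local that launch sshd directly.
script_sshd_lines() {
    [ -r "$1" ] || return 0
    grep -v '^[[:space:]]*#' "$1" | grep -E '(^|[[:space:]/])sshd([[:space:]]|$)' || true
}

# Print one label per start source found.
# Arguments: defaults_rc_conf rc_conf inetd_conf rc_local
sshd_start_sources() {
    case $(sshd_enable_value "$1" "$2") in
        [Yy][Ee][Ss]|[Tt][Rr][Uu][Ee]|[Oo][Nn]|1) echo "rc.d" ;;
    esac
    if [ -n "$(inetd_ssh_lines "$3")" ]; then echo "inetd"; fi
    if [ -n "$(script_sshd_lines "$4")" ]; then echo "rc.local"; fi
}

# Constructed sample files modelled on the thread, not copied from a real host.
demo=$(mktemp -d)
trap 'rm -rf "$demo"' EXIT
printf 'sshd_enable="YES"\n' > "$demo/defaults_rc.conf"
printf '# overrides\nsshd_enable="NO"\n' > "$demo/rc.conf"
printf '#ftp stream tcp nowait root /usr/libexec/ftpd ftpd -l\nssh stream tcp nowait root /usr/sbin/sshd sshd -i -4\n' > "$demo/inetd.conf"
printf '/usr/sbin/sshd -f /root/ssh/sshd_config -h /root/ssh/ssh_host_rsa_key\n' > "$demo/rc.local"

sshd_start_sources "$demo/defaults_rc.conf" "$demo/rc.conf" "$demo/inetd.conf" "$demo/rc.local"
```

In the constructed sample the NO in rc.conf overrides the YES in the defaults file, so rc.d is not reported while inetd and rc.local are.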
 