263489 – sshd does not work after reboot to 13.1-RC4

[Cath O'Deray]

… https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=263489 - a fix might not make it in the new release, so after a reboot ensure that you restart sshd manually, otherwise you cannot login via ssh

Re: <https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=263489#c9>, for Arch Linux the comment for the fix was openssh-8.2p1-3 in [core].

From Arch Linux - News: sshd needs restarting after upgrading to openssh-8.2p1:

… If you are upgrading to openssh-8.2p1-3 or higher, this restart will happen automatically.

Superior 8.8p1 is logged under <https://cgit.freebsd.org/src/log/?h=releng/13.1&qt=grep&q=openssh>.

<https://www.openssh.com/releasenotes.html> ▶ <https://www.openssh.com/txt/release-8.3> I see nothing relating to 65517 or restarting sshd …

… do we assume that the fix was in Arch (not in OpenSSH)? (Asking here, to not create noise in Bugzilla.)

emaste@

 

[rootbert]

I just think the sshd bug is not giving enough attention and is serious, so imho it should be mentioned in the installation instructions that sshd needs a restart after the upgrade. I'm sure otherwise users start complaining about not being able to connect or they need to reset the hardware which is not so great...

 

[SirDice]

so imho it should be mentioned in the installation instructions that sshd needs a restart after the upgrade.

You should restart the machine after the upgrade.

 

[rootbert]

You should restart the machine after the upgrade.

there are users out there without packages installed in the host system, so those usually do not need a 2nd reboot ;-)

 

[SirDice]

there are users out there without packages installed in the host system, so those usually do not need a 2nd reboot

I only reboot once with an upgrade. Do the version upgrade (completely, no reboots in between), then upgrade the packages, then do the reboot.

 

[rootbert]

I am well aware how to work around that bug, I am just concerned about other users. maybe my comments were not clear: if you stick to the official installation instructions and use freebsd-update you will not be able to login via sshd after you finish the installation of the upgrade after the reboot ... unless you reboot for the second time or do a manual sshd restart.

 

[msplsh]

You should dig more into that Arch link of yours:

"Internal protocol between parent and child sshd is changed, so the parent sshd (version 8.1 before restarting sshd) cannot run child sshd (version 8.2 after pacman -Syu)"

 

[Cath O'Deray]

Thanks, do you know how Arch fixed it?

 

[msplsh]

It's the next comment on the bug report after that one.

 

[rootbert]

in arch they released a new minor update that triggers an sshd restart. btw: the bug report now includes a fix: explicit mention in the release notes

 

[suntzu00]

https://cgit.freebsd.org/src/commit/?id=6cd1bc53160973fc421c59f66aaa7e4b37a8cebe in Main. probably will be merged before 13.1 is released.

 

[larshenrikoern]

I am well aware how to work around that bug, I am just concerned about other users. maybe my comments were not clear: if you stick to the official installation instructions and use freebsd-update you will not be able to login via sshd after you finish the installation of the upgrade after the reboot ... unless you reboot for the second time or do a manual sshd restart.

It is fixed in main. I have no clue if it will be backported to 13.1 https://cgit.freebsd.org/src/commit/?id=6cd1bc53160973fc421c59f66aaa7e4b37a8cebe

 

[Cath O'Deray]

… probably will be merged before 13.1 is released.

I like to think so. I'm in two minds.

The two-week period (before merge) seems sane. Let's not rush it.

Re: <https://forums.freebsd.org/posts/565670> I don't imagine the FreeBSD Handbook being fixed in time, and (gut feeling) this is not the type of issue where we should chastise people who shoot themselves in the feet (for not paying attention to release notes).