You are not logged in.

#1 2017-03-15 17:38:33

aliena
Member
Registered: 2015-10-09
Posts: 29

[SOLVED] sshd starting before IP is assigned

Hi everybody,

I have a server running the latest Arch Linux. Of course it has sshd running. When rebooting the machine it often happens that sshd starts before the ethernet interface gets an IP address. Thus the sshd fails and I cannot connect via ssh.

The server runs netctl and starts the interface via netctl-ifplugd. I did not modify any systemd service files. Network startup in general works fine. After the IP address is assigned, all it takes is a

# systemctl restart sshd

to bring the sshd up.

Relevant journal entries

Mar 13 18:43:34 rivendell sshd[305]: Server listening on 127.0.0.1 port 22.
Mar 13 18:43:34 rivendell sshd[305]: error: Bind to port 22 on 192.168.1.25 failed: Cannot assign requested address.

sshd_config

ListenAddress 192.168.1.25
ListenAddress 127.0.0.1
AllowUsers <some filters>
AuthorizedKeysFile      .ssh/authorized_keys
PasswordAuthentication no
ChallengeResponseAuthentication no
UsePAM yes
PrintMotd no # pam does that
Subsystem       sftp    /usr/lib/ssh/sftp-server

netctl config

Description='A basic dhcp ethernet connection'
Interface=enp0s31f6
Connection=ethernet
IP=dhcp
DNS=192.168.1.1
IP6=stateless

Thanks for your help!

Last edited by aliena (2017-03-16 16:31:40)

Offline

#2 2017-03-15 19:20:52

ayekat
Member
Registered: 2011-01-17
Posts: 1,589

Re: [SOLVED] sshd starting before IP is assigned

Have you tried running the SSH daemon through socket activation?
See https://wiki.archlinux.org/index.php/Se … management (especially the part where you set `FreeBind=true` to avoid the particular problem you described).

--edit--
Basically this would be

systemctl disable --now sshd.service
systemctl enable --now sshd.socket

For your particular case, you'll also need to `systemctl edit sshd.socket` and add the `ListenStream` and `FreeBind` lines.

--edit2--
Actually, graysky's got a point - why ListenAddress? If you want to restrict who can access your SSH server, setting up a firewall would probably be a cleaner approach.

Last edited by ayekat (2017-03-15 19:24:06)


pkgshackscfgblag

Offline

#3 2017-03-15 19:22:02

graysky
Wiki Maintainer
From: :wq
Registered: 2008-12-01
Posts: 10,595
Website

Re: [SOLVED] sshd starting before IP is assigned

Never needed to specify ListenAddress before.... if you comment those out and reboot does it change the behavior?


CPU-optimized Linux-ck packages @ Repo-ck  • AUR packagesZsh and other configs

Offline

#4 2017-03-16 16:31:10

aliena
Member
Registered: 2015-10-09
Posts: 29

Re: [SOLVED] sshd starting before IP is assigned

I used `ListenAddress` because there are other interfaces on the server where no SSH connection should be possible.

Now I reconfigured my firewall to not allow the connection from the other interfaces. I removed the `ListenAddress` directive again and now it works as intended.

Thank you for the pointers!

Offline

Board footer

Powered by FluxBB