Welcome, Guest. Please login or register.
Did you miss your activation email?

Author Topic:  How do I start ssh server on boot  (Read 14626 times)

Offline vilde

  • User
  • Posts: 708
How do I start ssh server on boot
« on: 2014/07/27, 01:21:02 »
I want ssh server to start on boot, it didn't work to just check the start ssh on boot during the installation. Now I start ssh manually with "systemctl start sshd.service" that works but the corresponding "systemctl enable sshd.service" that shall make sshd start on boot is failing.
Code: [Select]
# systemctl enable sshd.service
Failed to issue method call: No such file or directory

XFCE 32 bit
 



Offline ayla

  • User
  • Posts: 1.744
Re: How do I start ssh server on boot
« Reply #1 on: 2014/07/27, 10:59:20 »
I have no idea where or how this "failed" is caused. der_bud mentioned a change in systemd 208 in another (german) thread, maybe it's related...

There should be a link in your /etc/systemd/system named sshd.service pointing to /lib/systemd/system/ssh.service, so it is on my system where sshd starts on boot.

If it's not there you may create it and try out:

Code: [Select]
ln -s /lib/systemd/system/ssh.service /etc/systemd/system/sshd.servicegreets
ayla

Offline vilde

  • User
  • Posts: 708
Re: How do I start ssh server on boot
« Reply #2 on: 2014/07/27, 11:50:41 »
I checked, the link is already there

Offline ayla

  • User
  • Posts: 1.744
Re: How do I start ssh server on boot
« Reply #3 on: 2014/07/27, 13:07:46 »
sorry, no other idea then.

Getting the same "failed" message when setting up the "enable" command.

Code: [Select]
systemctl is-enabled sshd.service; echo $? after bootup tells me:
Quote
enabled
0

Offline vilde

  • User
  • Posts: 708
Re: How do I start ssh server on boot
« Reply #4 on: 2014/07/27, 14:39:42 »
I found this on archlinux
Quote
Warning: Systemd is an asynchronous starting process. If you bind the SSH daemon to a specific IP address ListenAddress 192.168.1.100 it may fail to load during boot since the default sshd.service unit file has no dependency on network interfaces being enabled. When binding to an IP address, you will need to add After=network.target to a custom sshd.service unit file. See Systemd#Editing provided unit files.
As I have bound the sshd to a specific adress (and port) according to how to secure ssh in siductiuon manual, can this have anything to do with this?
I have followed the link on archlinux but I don't understated how to do.

Offline ayla

  • User
  • Posts: 1.744
Re: How do I start ssh server on boot
« Reply #5 on: 2014/07/27, 18:56:48 »
Quote
[Unit]
Description=OpenBSD Secure Shell server
After=network.target auditd.service
ConditionPathExists=!/etc/ssh/sshd_not_to_be_run

[Service]
EnvironmentFile=-/etc/default/ssh
ExecStart=/usr/sbin/sshd -D $SSHD_OPTS
ExecReload=/bin/kill -HUP $MAINPID
KillMode=process
Restart=on-failure

[Install]
WantedBy=multi-user.target
Alias=sshd.service

This is the content of the file /etc/systemd/system/sshd.service is pointing to on my system.
As there is the dependency after network.target still in there there's no need to set up a custom file for that.

If this is the same on your system then this also can't be the cause -at least as far as I know.

Does journalctl -b -p err is telling you something?

This is the output of my "critical-chain", maybe it helps  on analyzing the Problem.
Code: [Select]
systemd-analyze critical-chain sshd.service
ssh.service @8.295s
└─basic.target @1.647s
  └─timers.target @1.643s
    └─systemd-tmpfiles-clean.timer @1.630s
      └─sysinit.target @1.364s
        └─nfs-common.service @1.278s +60ms
          └─rpcbind.target @1.250s
            └─rpcbind.service @1.207s +31ms
              └─network-online.target @1.204s
                └─network.target @1.202s
                  └─networking.service @1.118s +81ms
                    └─systemd-random-seed.service @1.101s +9ms
                      └─var.mount @1.095s +4ms
                        └─dev-disk-by\x2duuid-12b3506d\x2d2e7f\x2d40fa\x2da4b8\x2da8caa296674f.device @1$

Offline vilde

  • User
  • Posts: 708
Re: How do I start ssh server on boot
« Reply #6 on: 2014/07/29, 11:03:10 »
This is what  journalctl -b -p err tells me
Code: [Select]
-- Logs begin at sön 2014-07-27 01:01:42 CEST, end at tis 2014-07-29 10:50:42 CEST. --
jul 27 01:01:46 siductionbox-media kernel: snd_hda_intel 0000:00:1b.0: control 2:0:0:Digital Capture Volume:0 is already present
jul 27 01:01:49 siductionbox-media ntpdate[544]: Can't find host 0.debian.pool.ntp.org: Name or service not known (-2)
jul 27 01:01:49 siductionbox-media ntpdate[544]: Can't find host 1.debian.pool.ntp.org: Name or service not known (-2)
jul 27 01:01:49 siductionbox-media ntpdate[544]: Can't find host 2.debian.pool.ntp.org: Name or service not known (-2)
jul 27 01:01:49 siductionbox-media ntpdate[544]: Can't find host 3.debian.pool.ntp.org: Name or service not known (-2)
jul 27 01:01:49 siductionbox-media ntpdate[544]: no servers can be used, exiting
jul 27 01:01:53 siductionbox-media sshd[593]: error: Bind to port x on y failed: Cannot assign requested address.
jul 27 01:01:53 siductionbox-media sshd[593]: fatal: Cannot bind any address.
jul 27 01:01:53 siductionbox-media sshd[733]: error: Bind to port x on y failed: Cannot assign requested address.
jul 27 01:01:53 siductionbox-media sshd[733]: fatal: Cannot bind any address.
jul 27 01:01:53 siductionbox-media sshd[746]: error: Bind to port x on y failed: Cannot assign requested address.
jul 27 01:01:53 siductionbox-media sshd[746]: fatal: Cannot bind any address.
jul 27 01:01:53 siductionbox-media sshd[748]: error: Bind to port x on y failed: Cannot assign requested address.
jul 27 01:01:53 siductionbox-media sshd[748]: fatal: Cannot bind any address.
jul 27 01:01:53 siductionbox-media sshd[750]: error: Bind to port x on y failed: Cannot assign requested address.
jul 27 01:01:53 siductionbox-media sshd[750]: fatal: Cannot bind any address.
jul 27 01:01:53 siductionbox-media systemd[1]: Failed to start OpenBSD Secure Shell server.
jul 27 01:01:53 siductionbox-media ntpd_intres[709]: host name not found: 0.debian.pool.ntp.org
jul 27 01:01:53 siductionbox-media ntpd_intres[709]: host name not found: 1.debian.pool.ntp.org
jul 27 01:01:53 siductionbox-media ntpd_intres[709]: host name not found: 2.debian.pool.ntp.org
jul 27 01:01:53 siductionbox-media ntpd_intres[709]: host name not found: 3.debian.pool.ntp.org
jul 27 01:05:38 siductionbox-media su[x]: pam_authenticate: Authentication failure
jul 27 01:11:11 siductionbox-media su[7471]: pam_authenticate: Authentication failure
jul 27 01:11:28 siductionbox-media su[7508]: pam_authenticate: Authentication failure
jul 27 21:16:09 siductionbox-media kernel: sd 6:0:0:0: [sdb] No Caching mode page found
jul 27 21:16:09 siductionbox-media kernel: sd 6:0:0:0: [sdb] Assuming drive cache: write through
jul 29 10:43:17 siductionbox-media su[12938]: pam_authenticate: Authentication failure
I changed my assigned ip to x and port to y

It looks like it has to do with the assigned ip and port or

Offline ayla

  • User
  • Posts: 1.744
Re: How do I start ssh server on boot
« Reply #7 on: 2014/07/29, 15:02:24 »
I just can guess, but as long as no one jumps in...

Please post the filename and content of the section where you have assigned your IP and port, so I may try to reproduce.Hide port and IP of course. I tried in sshd.config  but I just can assign a port successful. The IP you're using, what is it, do you have to prepare the device you're listening to? I didn't tried before.

What is
Code: [Select]
systemctl status sshd.service telling you before and after you start it manually?
I had to see that systemctl start sshd.service just didn't give me a failed message even though the start failed...

A full output of journalctl -b may also be helpful, you may deliver it with
Code: [Select]
siduction-paste journalctl -b and post the resulting adress here., but that does not work for me at the moment, I will open a thread about that.

Offline vilde

  • User
  • Posts: 708
Re: How do I start ssh server on boot
« Reply #8 on: 2014/07/30, 10:57:28 »
I have replaced my modified /etc/ssh/sshd-config with the unmodified from a siduction install. Then without doing anything else, ssh is starting on boot.

My modified sshd_config is changed from the original in 4 lines and I have added two lines:

  • Port 22 ---> Port xxxx
  • #ListenAddress :: ---> ListenAddress 192.168.x.xx
  • LoginGraceTime 120 ---> LoginGraceTime 45
  • PermitRootLogin without-password ---> PermitRootLogin no
  • "added" MaxAuthTries 2
  • "added" AllowUsers xxxx
Edited: Now I have pined this down to one line, its the "ListenAddress 192.168.x.xx" that makes sshd not starting
« Last Edit: 2014/07/30, 11:22:56 by vilde »

Offline der_bud

  • User
  • Posts: 1.072
  • member
Re: How do I start ssh server on boot
« Reply #9 on: 2014/07/30, 16:06:12 »
Perhaps you want to read the following three links, explainig that the ListenAddress is the one from your server (to bind ssh to one NIC if your server has several), not the IP of the clients who connect. So for a normal desktop computer where you normally have only one IP that line seems useless.
The 3rd link explains how to use hosts.deny and hosts.allow if you want to filter which clients can connect.

http://www.cyberciti.biz/tips/howto-openssh-sshd-listen-multiple-ip-address.html
http://www.ewhathow.com/2013/09/change-ssh-server-listening-ip-addresses/
http://forums.debian.net/viewtopic.php?t=50791
Du lachst? Wieso lachst du? Das ist doch oft so, Leute lachen erst und dann sind sie tot.

Offline vilde

  • User
  • Posts: 708
Re: How do I start ssh server on boot
« Reply #10 on: 2014/07/30, 18:34:39 »
Perhaps you want to read the following three links, explainig that the ListenAddress is the one from your server (to bind ssh to one NIC if your server has several), not the IP of the clients who connect. So for a normal desktop computer where you normally have only one IP that line seems useless.
The 3rd link explains how to use hosts.deny and hosts.allow if you want to filter which clients can connect.

http://www.cyberciti.biz/tips/howto-openssh-sshd-listen-multiple-ip-address.html
http://www.ewhathow.com/2013/09/change-ssh-server-listening-ip-addresses/
http://forums.debian.net/viewtopic.php?t=50791
OK, the thing is that I have followed the siduction manual about securing ssh server. The manual is old, I have used this setup probably since sidux-time and the manual about securing ssh is the same as it has been all years I believe. Maybe the manual about ssh and security shall be updated?

Offline ayla

  • User
  • Posts: 1.744
Re: How do I start ssh server on boot
« Reply #11 on: 2014/07/30, 19:01:22 »
Vilde: You may also have a look on this part of our wiki for setting up a secure ssh connection:

http://wiki.siduction.de/index.php?title=VNC-Verbindung_durch_ssh-Tunnel_mit_dynamischer_DNS_herstellen#Establish_a_ssh-connection

mylo

  • Guest
Re: How do I start ssh server on boot
« Reply #12 on: 2014/07/30, 23:03:48 »
I even have here a similar one:

Code: [Select]
systemctl status ssh
ssh.service - OpenBSD Secure Shell server
   Loaded: loaded (/lib/systemd/system/ssh.service; enabled)
   Active: failed (Result: start-limit) since Mi 2014-07-30 22:34:01 CEST; 2min 20s ago
  Process: 20045 ExecStart=/usr/sbin/sshd -D $SSHD_OPTS (code=exited, status=255)
 Main PID: 20045 (code=exited, status=255)

Jul 30 22:34:01 tuap systemd[1]: ssh.service: main process exited, code=exited, status=255/n/a
Jul 30 22:34:01 tuap systemd[1]: Unit ssh.service entered failed state.
Jul 30 22:34:01 tuap systemd[1]: ssh.service holdoff time over, scheduling restart.
Jul 30 22:34:01 tuap systemd[1]: Stopping OpenBSD Secure Shell server...
Jul 30 22:34:01 tuap systemd[1]: Starting OpenBSD Secure Shell server...
Jul 30 22:34:01 tuap systemd[1]: ssh.service start request repeated too quickly, refusing to start.
Jul 30 22:34:01 tuap systemd[1]: Failed to start OpenBSD Secure Shell server.
Jul 30 22:34:01 tuap systemd[1]: Unit ssh.service entered failed state.
root@tuap:/home/mylo# systemctl start  ssh
root@tuap:/home/mylo# systemctl status ssh
ssh.service - OpenBSD Secure Shell server
   Loaded: loaded (/lib/systemd/system/ssh.service; enabled)
   Active: failed (Result: start-limit) since Mi 2014-07-30 22:36:53 CEST; 2s ago
  Process: 2849 ExecStart=/usr/sbin/sshd -D $SSHD_OPTS (code=exited, status=255)
 Main PID: 2849 (code=exited, status=255)

Jul 30 22:36:53 tuap systemd[1]: ssh.service: main process exited, code=exited, status=255/n/a
Jul 30 22:36:53 tuap systemd[1]: Unit ssh.service entered failed state.
Jul 30 22:36:53 tuap systemd[1]: ssh.service holdoff time over, scheduling restart.
Jul 30 22:36:53 tuap systemd[1]: Stopping OpenBSD Secure Shell server...
Jul 30 22:36:53 tuap systemd[1]: Starting OpenBSD Secure Shell server...
Jul 30 22:36:53 tuap systemd[1]: ssh.service start request repeated too quickly, refusing to start.
Jul 30 22:36:53 tuap systemd[1]: Failed to start OpenBSD Secure Shell server.
Jul 30 22:36:53 tuap systemd[1]: Unit ssh.service entered failed state.

Offline der_bud

  • User
  • Posts: 1.072
  • member
Re: How do I start ssh server on boot
« Reply #13 on: 2014/07/31, 08:22:42 »
Please show output of
Code: [Select]
ls -ln /etc/systemd/system/ssh*and
Code: [Select]
cat /lib/systemd/system/ssh.service
Du lachst? Wieso lachst du? Das ist doch oft so, Leute lachen erst und dann sind sie tot.

Offline vilde

  • User
  • Posts: 708
Re: How do I start ssh server on boot
« Reply #14 on: 2014/08/01, 13:32:37 »
This thread are sort of solved for me, I did, ListenAddress 192.168.x.xx ---> #ListenAddress 192.168.x.xx in /etc/ssh/sshd_config and now ssh server is starting on boot. I believe there are other questions about systemd and starting ssh, but for me it's ok for now. Thank you for your help and links, ayla and der_bud.