Mailing List Archive: The -p option for sshd(8) seems to be ignored in OpenSSH

The -p option for sshd(8) seems to be ignored in OpenSSH_9.2

Feb 5, 2023, 7:14 AM

Post #1 of 3 (221 views)

Greetings.

It used to be possible to spin up additional instances of sshd(8) next
to an established process with options to override the configuration
file. However, in the most recent version of sshd(8) in the OpenBSD
snapshot for amd64 does not do that any more as it seems to not accept a
new port assignment and ends up conflicting with the already running
service:

# /usr/sbin/sshd -p 2201 -d
debug1: sshd version OpenSSH_9.2, LibreSSL 3.7.1
debug1: private host key #0: ssh-rsa SHA256:7tXl2Q...
debug1: private host key #1: ecdsa-sha2-nistp256 SHA256:t9pNvmtPBL1aF...
debug1: private host key #2: ssh-ed25519 SHA256:T0IGk...
debug1: rexec_argv[0]='/usr/sbin/sshd'
debug1: rexec_argv[1]='-p'
debug1: rexec_argv[2]='2201'
debug1: rexec_argv[3]='-d'
debug1: Bind to port 22 on 10.100.100.1.
Bind to port 22 on 10.100.100.1 failed: Address already in use.
debug1: Bind to port 2223 on 0.0.0.0.
Bind to port 2223 on 0.0.0.0 failed: Address already in use.
Cannot bind any address.

# /usr/sbin/sshd -V
OpenSSH_9.2, LibreSSL 3.7.1

Regards,
Lars
_______________________________________________
openssh-unix-dev mailing list
openssh-unix-dev@mindrot.org
https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev

Re: The -p option for sshd(8) seems to be ignored in OpenSSH_9.2 [ In reply to ]

dtucker at dtucker

Feb 5, 2023, 1:44 PM

Post #2 of 3 (221 views)

Permalink

On Mon, 6 Feb 2023 at 02:23, Lars Noodén <lars.nooden@gmx.com> wrote:
> debug1: Bind to port 22 on 10.100.100.1.
> Bind to port 22 on 10.100.100.1 failed: Address already in use.

This line implies that you have at least one ListenAddress directive
in your sshd_config and -p doesn't override those:

-p port
Specifies the port on which the server listens for connections
(default 22). Multiple port options are permitted. Ports
specified in the configuration file with the Port option are
ignored when a command-line port is specified. *Ports specified
using the ListenAddress option override command-line ports.*

What ListenAddress and Port directives do you have in your sshd_config?

--
Darren Tucker (dtucker at dtucker.net)
GPG key 11EAA6FA / A86E 3E07 5B19 5880 E860 37F4 9357 ECEF 11EA A6FA (new)
Good judgement comes with experience. Unfortunately, the experience
usually comes from bad judgement.
_______________________________________________
openssh-unix-dev mailing list
openssh-unix-dev@mindrot.org
https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev

Re: The -p option for sshd(8) seems to be ignored in OpenSSH_9.2 [ In reply to ]

lars.nooden at gmx

Feb 5, 2023, 8:54 PM

Post #3 of 3 (220 views)

Permalink

On 2/5/23 23:44, Darren Tucker wrote:
[snip]> What ListenAddress and Port directives do you have in your
sshd_config?

Thanks. Apparently I misremembered the expected behavior. The
ListenAddress directive is set twice in that configuration file, once
for each of the ports shown in the error:

ListenAddress 0.0.0.0:2223
ListenAddress 10.100.100.1:22

So, passing ListenAddress as an option produces the behavior that I was
aiming for:

/usr/sbin/sshd -o ListenAddress=0.0.0.0:2201 -d

Just to be sure I checked on OpenSSH 8.4 and the -p option does not
override ListenAddress there either.

Apologies, and thanks for the clarification.

/Lars

_______________________________________________
openssh-unix-dev mailing list
openssh-unix-dev@mindrot.org
https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev