Groups | Search | Server Info | Keyboard shortcuts | Login | Register [http] [https] [nntp] [nntps]
Groups > linux.debian.devel.testing > #1473
| Path | csiph.com!fu-berlin.de!bofh.it!news.nic.it!robomod |
|---|---|
| From | Colin Watson <cjwatson@debian.org> |
| Newsgroups | linux.debian.bugs.dist, linux.debian.devel.testing |
| Subject | Bug#1109742: upgrade-reports: No new SSH connections possible during large part of upgrade to Debian Trixie |
| Date | Thu, 24 Jul 2025 14:30:01 +0200 |
| Message-ID | <Lc3fb-2jKS-1@gated-at.bofh.it> (permalink) |
| References | <Lbuhr-1VGi-3@gated-at.bofh.it> <Lbuhr-1VGi-3@gated-at.bofh.it> |
| X-Mailbox-Line | From debian-bugs-dist-request@lists.debian.org Thu Jul 24 12:21:08 2025 |
| Old-Return-Path | <debbugs@buxtehude.debian.org> |
| X-Spam-Flag | NO |
| X-Spam-Score | -3.999 |
| Reply-To | Colin Watson <cjwatson@debian.org>, 1109742@bugs.debian.org |
| Resent-To | debian-bugs-dist@lists.debian.org |
| Resent-Cc | Debian Testing Group <debian-testing@lists.debian.org> |
| X-Debian-Pr-Message | followup 1109742 |
| X-Debian-Pr-Package | upgrade-reports |
| MIME-Version | 1.0 |
| Content-Type | text/plain; charset=us-ascii; format=flowed |
| Content-Disposition | inline |
| X-Debian-User | cjwatson |
| X-Debian-Message | from BTS |
| X-Mailing-List | <debian-bugs-dist@lists.debian.org> archive/latest/1915072 |
| List-ID | <debian-bugs-dist.lists.debian.org> |
| List-URL | <https://lists.debian.org/debian-bugs-dist/> |
| Approved | robomod@news.nic.it |
| Lines | 49 |
| Organization | linux.* mail to news gateway |
| Sender | robomod@news.nic.it |
| X-Original-Date | Thu, 24 Jul 2025 13:19:40 +0100 |
| X-Original-Message-ID | <aIIk3ABbfS4laMh6@riva.ucam.org> |
| X-Original-References | <175320612753.3210.8158902610327546715.reportbug@monitoring.int.nfred.ch> <175320612753.3210.8158902610327546715.reportbug@monitoring.int.nfred.ch> |
| Xref | csiph.com linux.debian.bugs.dist:1253784 linux.debian.devel.testing:1473 |
Cross-posted to 2 groups.
Show key headers only | View raw
On Tue, Jul 22, 2025 at 07:42:07PM +0200, Manfred Stock wrote: >Further Comments/Problems: I've upgraded several Bookworm systems to >Trixie so far, which went pretty smooth. But there's one thing I keep >noticing, and which I observed a bit more closely while upgrading the >system I'm sending this report from: Starting at roughly the time when >dpkg says something like > > Unpacking openssh-server (1:10.0p1-5) over (1:9.2p1-2+deb12u6) ... > >I'm not able anymore to open new SSH connections to the system I'm >upgrading. The SSH daemon is still running, and the existing connections >also still work, but new connections fail with > > kex_exchange_identification: read: Connection reset by peer > Connection reset by fd... port 22 > >on the client. At this time, I see messages like the following in the >output from `systemctl status openssh-server.service` (the SSH daemon is >still running, usually since the last reboot, or in this case since the >libc upgrade earlier during the upgrade process, so the daemon process >itself should still be running the binaries from Bookworm, even though >the new binaries have already been extracted): > > Jul 22 17:37:32 monitoring sshd[492742]: -R not supported here [...] >To me, it seems like the old binary, which is still running, is passing >an unsupported parameter to the new binary that was already unpacked >when trying to fork off a new process for the new connection (but I >haven't checked if that's how it actually works when a new connection is >opened, I'm just guessing). The "-R not supported here" string seems to >be 'new', i.e. I didn't find it in the openssh package source on >Bookworm, but it exists in the version from Trixie. Thanks for the report. This will be due to the split of sshd-session from the main sshd binary; the old sshd re-executed itself with different arguments, but the new sshd executes sshd-session instead and has removed support for the parameters that it used to rely on during re-execution. I'll have to set up a suitable environment to test this, but my best idea for now is to have openssh-server.preinst take a copy of the old sshd binary before dpkg unpacks the new files, and patch sshd to re-exec that copy if it exists and it receives the -R option. The postinst can then remove the copy after it's restarted the new sshd. Tricky! -- Colin Watson (he/him) [cjwatson@debian.org]
Back to linux.debian.devel.testing | Previous | Next — Previous in thread | Next in thread | Find similar
Bug#1109742: upgrade-reports: No new SSH connections possible during large part of upgrade to Debian Trixie Manfred Stock <m-debian@nfred.ch> - 2025-07-23 01:10 +0200
Bug#1109742: upgrade-reports: No new SSH connections possible during large part of upgrade to Debian Trixie Colin Watson <cjwatson@debian.org> - 2025-07-24 14:30 +0200
Bug#1109742: upgrade-reports: No new SSH connections possible during large part of upgrade to Debian Trixie Colin Watson <cjwatson@debian.org> - 2025-07-24 17:00 +0200
Bug#1109742: upgrade-reports: No new SSH connections possible during large part of upgrade to Debian Trixie Salvatore Bonaccorso <carnil@debian.org> - 2025-07-24 18:50 +0200
Bug#1109742: upgrade-reports: No new SSH connections possible during large part of upgrade to Debian Trixie Colin Watson <cjwatson@debian.org> - 2025-07-24 22:40 +0200
Bug#1109742: upgrade-reports: No new SSH connections possible during large part of upgrade to Debian Trixie Jonathan Wiltshire <jmw@debian.org> - 2025-07-26 21:50 +0200
Processed: Re: Bug#1109742: upgrade-reports: No new SSH connections possible during large part of upgrade to Debian Trixie "Debian Bug Tracking System" <owner@bugs.debian.org> - 2025-07-24 17:00 +0200
csiph-web