ssh.service fails to activate right after installation of openssh-server

[kostas12ldb]

Hello ppl!

I have been trying to install openssh-server without success.

I attach the result right after the installation process, can anyone help a struggling n00b?!

I have two fresh Debian installations, one on an atom netbook (on which ssh and sshd work like a charm), and one on my main laptop (AMD Ryzen 5), on which I face the described issue. Could it be the amd openssh-server package?!

 

[KGIII]

No, no... They'll be the same package (amd64 is a mostly generic term). I can at least clear that up for you.

Do you have anything already running on port 22? I've never seen this happen before, so I don't have an immediate fix available.

Hmm... What's the output of this command:

sudo netstat -ltnp | grep -w ':22'

Kindly post it as text and wrap it in code tags (available under the first 3 dot vertical menu).

 

[NorthWest]

In addition to KGill's request, you might consider the following.
From the install command output provided there are some suggestions:

<snip>
Job for ssh.service failed because the control process exited with error code.
See "systemctl status ssh.service" and "journalctl -xe" for details.
invoke-rc.d: initscript ssh, action "start" failed.
<snip>

The output (which I haven't reproduced above) actually states the failed status. That output is from the install script running:

systemctl start ssh.service

to try and start it up as part of the installation process, though it doesn't state that command overtly.

Several things may help, or not, but worth trying to chase this down.
If you run:

journalctl -xe

there may be some explanation of interest to follow up. One has to look to find out.

Taking a second lead from the install output fragment above, check to see if the file: /etc/init.d/ssh, exists, and if it does check that it's written in a valid format to do the job it's supposed to. I have posted a copy of an ssh file at: paste.debian.net/1236334, from one of my machines running debian bookworm so that you can use it for comparison it with yours.

These steps may just be preliminary to resolving the issue, but may prove better than that with luck.

 

[f33dm3bits]

Do you have anything already running on port 22? I've never seen this happen before, so I don't have an immediate fix available.

According tho the log file they attached there is already running something on port 22.

Μαρ 31 21:54:02 AsusX570 systemd[1]: Starting OpenBSD Secure Shell server...
Μαρ 31 21:54:02 AsusX570 sshd[2632]: error: Bind to port 22 on 0.0.0.0 failed: Address already in use.
Μαρ 31 21:54:02 AsusX570 sshd[2632]: error: Bind to port 22 on :: failed: Address already in use.
Μαρ 31 21:54:02 AsusX570 sshd[2632]: fatal: Cannot bind any address.
Μαρ 31 21:54:02 AsusX570 systemd[1]: ssh.service: Main process exited, code=exited, status=255/EXCEPTION
Μαρ 31 21:54:02 AsusX570 systemd[1]: ssh.service: Failed with result 'exit-code'.

 

[kostas12ldb]

Gd morning, and thank you very much for attempting to help out, really appreciate it!

@ KGIII
The output of

sudo netstat -ltnp | grep -w ':22'

is

tcp6       0      0 :::22                   :::*                    LISTEN      1/init

@ NorthWest
When I try to start the ssh.service with systemctl, I get the following:

konstantinos@AsusX570:/etc/init.d$ sudo systemctl start ssh.service
Job for ssh.service failed because the control process exited with error code.
See "systemctl status ssh.service" and "journalctl -xe" for details.

and the journalctl -xe outputs the following regarding ssh:

Απρ 01 10:41:54 AsusX570 sudo[3458]: konstantinos : TTY=pts/1 ; PWD=/etc/init.d ; USER=root ; COMMAND=/usr/bin/systemctl start ssh.service
Απρ 01 10:41:54 AsusX570 sudo[3458]: pam_unix(sudo:session): session opened for user root(uid=0) by konstantinos(uid=1000)
Απρ 01 10:41:54 AsusX570 sudo[3458]: pam_unix(sudo:session): session closed for user root

I also compared your ssh with mine in /etc/init.d, and they were the same!

Now, in one of my attempts to check what "occupies" port 22, I run the following:

konstantinos@AsusX570:/etc/init.d$ sudo lsof -i -P -n | grep LISTEN
systemd      1         root  164u  IPv6  1*155      0t0  TCP *:22 (LISTEN)
cupsd      916         root    6u  IPv6  1*909      0t0  TCP [::1]:631 (LISTEN)
cupsd      916         root    7u  IPv4  1*910      0t0  TCP 127.0.0.1:**1 (LISTEN)
exim4     1339  Debian-exim    4u  IPv4  1*061      0t0  TCP 127.0.0.1:**5 (LISTEN)
exim4     1339  Debian-exim    5u  IPv6  1*062      0t0  TCP [::1]:25 (LISTEN)

The lsof command on the hp mini (which is fine with ssh), has sshd listening to port 22...

 

[NorthWest]

Thanks for the logs. It's a conundrum at the moment for me. I don't know whether any of the following will help, but here it is.
Your code outputs:

konstantinos@AsusX570:/etc/init.d$ sudo lsof -i -P -n | grep LISTEN
systemd      1         root  164u  IPv6  1*155      0t0  TCP *:22 (LISTEN)

On my machine the output is:

[root@owl ~]# lsof -i -P -n | grep LISTEN
sshd       747        root    3u  IPv4  14913      0t0  TCP *:22 (LISTEN)

PID 1, which is listening on port 22 on your machine, keeping it busy, is /sbin/init, which is a link to /lib/systemd/systemd which is the command that initialises the system and stays live until shutdown. Since it's stays live, having "grabbed" or "bound" port 22, presumably it won't release it. On my output, sshd has it's own PID of 747.

The command that runs sshd from startup configured in /lib/systemd/system on my machine is:

[ben@owl ~]$ cat /proc/747/cmdline
sshd: /usr/sbin/sshd -D [listener] 0 of 10-100 startups

The PID 1 command is, predictably:

[ben@owl ~]$ cat /proc/1/cmdline
/sbin/init

I guess your PID 1 will be the same.

The systemd configuration for sshd is:

[ben@owl /lib/systemd/system]$ cat ssh.service
[Unit]
Description=OpenBSD Secure Shell server
Documentation=man:sshd(8) man:sshd_config(5)
After=network.target auditd.service
ConditionPathExists=!/etc/ssh/sshd_not_to_be_run

[Service]
EnvironmentFile=-/etc/default/ssh
ExecStartPre=/usr/sbin/sshd -t
ExecStart=/usr/sbin/sshd -D $SSHD_OPTS
ExecReload=/usr/sbin/sshd -t
ExecReload=/bin/kill -HUP $MAINPID
KillMode=process
Restart=on-failure
RestartPreventExitStatus=255
Type=notify
RuntimeDirectory=sshd
RuntimeDirectoryMode=0755

[Install]
WantedBy=multi-user.target
Alias=sshd.service

I guess your config won't be different.

It seems odd to me that PID 1 would take over port 22 which is the standard listening port for sshd. It's not possible to remove PID 1 in order to free up port 22. If it was some other process that had grabbed port 22, removing it may have been a resolution.

It's possible to change the port for sshd in /etc/ssh/sshd_config and use it on a port that is otherwise not used. That at least would likely allow usage of ssh.

 

[KGIII]

According tho the log file they attached there is already running something on port 22

LOL I know/knew that. My question was poorly phrased. It should have included 'that you know about' in it.

If it were up to me, I'd try to figure out (and the result from my suggested command is as clear as mud) what was running on port 22 and either kill it or change the port if they can.

 

[dos2unix]

lsof output usually doesn't show "systemd" for me.

sshd 845 root 3u IPv4 18329 0t0 TCP *:22 (LISTEN)
sshd 845 root 4u IPv6 18331 0t0 TCP *:22 (LISTEN)

Usually it's actually sshd.

 

[NorthWest]

lsof output usually doesn't show "systemd" for me.

sshd 845 root 3u IPv4 18329 0t0 TCP *:22 (LISTEN)
sshd 845 root 4u IPv6 18331 0t0 TCP *:22 (LISTEN)

Usually it's actually sshd.

That would likely be because PID 1 hadn't taken control, or bound up port 22 for listening.