[systemd-devel] Starting the sshd service on a 'non-bash' system

Mantas Mikulėnas grawity at gmail.com
Sat Aug 3 19:01:25 UTC 2024 

I assume you mean the inetd-style sshd at .service, not the regular
sshd.service? (Or does your distribution patch systemd-style socket
activation into sshd?)

There is usually no dependency on a shell, unless the .service unit
explicitly calls /bin/sh (note that the inetd-style socket activation uses
a different .service). Forkstat or extrace can reveal what is being exec'd
when the connection is made.

On Thu, Aug 1, 2024, 15:40 Mark Corbin <mcorbin at lunarenergy.com> wrote:

> Hello
>
> I was wondering whether anybody has any experience of running the sshd
> service successfully on a system with a 'non-bash' shell?
>
> We're using systemd 250.5 and openssh 8.9p1. Both ssh and scp work as
> expected with '/bin/sh -> bash.bash' on the target, but with '/bin/sh ->
> busybox.nosuid' (ash shell) the connections fail.
>
> The sshd logs on the target show:
> Jul 31 15:24:56 hc sshd[17826]: Connection from UNKNOWN port 65535 on
> 192.168.12.246 port 65535
> Jul 31 15:24:56 hc sshd[17826]: debug1: kex_exchange_identification:
> write: Broken pipe
> Jul 31 15:24:56 hc sshd[17826]: banner exchange: Connection from UNKNOWN
> port 65535: Broken pipe
>
> Some extra debug messages that I've added to both systemd and sshd show
> that the incoming socket gets closed somewhere between the handover from
> the systemd socket service to the systemd sshd service. This results in
> sshd being unable to get any peer details. The call to getpeername in
> service_spawn fails with ENOTCONN.
>
> I can't see anything obvious in either the systemd source that suggests a
> dependency on bash.
>
> Any ideas gratefully appreciated.
>
> Regards
>
> Mark
>
> --
>
> *Mark Corbin *
> Senior Software Engineer  |   lunarenergy.com
> <https://www.lunarenergy.com>  |  LinkedIn
> <https://www.linkedin.com/company/lunarenergyinc/>  |  Instagram
> <https://www.instagram.com/lunarenergyinc/>
> [image: Lunar Energy Logo]
>
> C2:Restricted unless otherwise stated.
>
> Lunar Energy Limited is a company registered in England and
> Wales, authorised and regulated by the Financial Conduct Authority under
> reference number 767876. Company registration number: 05631091. Registered
> office: 55 Baker Street, London, England, W1U 7EU
> <https://www.google.com/maps/search/55+Baker+Street,+London,+England,+W1U+7EU?entry=gmail&source=g>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.freedesktop.org/archives/systemd-devel/attachments/20240803/66f70393/attachment.htm>

More information about the systemd-devel mailing list