<div dir="ltr"><br><div class="gmail_extra"><br><div class="gmail_quote">On Sat, Mar 19, 2016 at 3:00 PM, arnaud gaboury <span dir="ltr"><<a href="mailto:arnaud.gaboury@gmail.com" target="_blank">arnaud.gaboury@gmail.com</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div dir="ltr"><div><div><div>OS: fedora 23 server<br></div>systemd: 222<br><br></div>I gave a try at sshd.socket instead of the usual sshd.service. The latter was working well on my server but I can't ssh with sshd.socket.<br><br>% systemctl cat sshd.socket <br>----------------------------------------------<br># /usr/lib/systemd/system/sshd.socket<br>[Unit]<br>Description=OpenSSH Server Socket<br>Documentation=man:sshd(8) man:sshd_config(5)<br>Conflicts=sshd.service<br><br>[Socket]<br>ListenStream=22<br>Accept=yes<br><br>[Install]<br>WantedBy=sockets.target<br><br># /etc/systemd/system/sshd.socket.d/override.conf<br>[Socket]<br>#ListenStream=<br>ListenStream=192.168.1.94:XXXXX<br>FreeBind=true<br>----------------------------------------------<br><br> % systemctl status sshd.socket <br>-----------------------------------------------------------<br>● sshd.socket - OpenSSH Server Socket<br> Loaded: loaded (/usr/lib/systemd/system/sshd.socket; enabled; vendor preset: disabled)<br> Drop-In: /etc/systemd/system/sshd.socket.d<br> └─override.conf<br> Active: active (listening) since Sat 2016-03-19 14:42:26 CET; 7min ago<br> Docs: man:sshd(8)<br> man:sshd_config(5)<br> Listen: <a href="http://0.0.0.0:22" target="_blank">0.0.0.0:22</a> (Stream)<br> 192.168.1.94:XXXXX (Stream)<br> Accepted: 9; Connected: 0<br><br>Mar 19 14:42:26 poppy systemd[1]: Listening on OpenSSH Server Socket.<br>Mar 19 14:42:26 poppy systemd[1]: Starting OpenSSH Server Socket.<br>-------------------------------------------<br><br></div>As you can see, 9 connections have been accepted, but I do not know why connection is closed by host.<br><br><br><div> % ssh -v -p XXXXX <a href="mailto:user@thetradinghall.com" target="_blank">user@thetradinghall.com</a> <br>OpenSSH_7.2p1, OpenSSL 1.0.2g 1 Mar 2016<br>debug1: Reading configuration data /home/user/.ssh/config<br>debug1: Reading configuration data /etc/ssh/ssh_config<br>debug1: Connecting to <a href="http://thetradinghall.com" target="_blank">thetradinghall.com</a> [212.147.52.214] port XXXXXX.<br>debug1: Connection established.<br>debug1: identity file /home/user/.ssh/gabx-hortensia_ed25519.pub type 4<br>debug1: key_load_public: No such file or directory<br>debug1: identity file /home/user/.ssh/gabx-hortensia_ed25519.pub-cert type -1<br>debug1: Enabling compatibility mode for protocol 2.0<br>debug1: Local version string SSH-2.0-OpenSSH_7.2<br>debug1: Remote protocol version 2.0, remote software version OpenSSH_7.2<br>debug1: match: OpenSSH_7.2 pat OpenSSH* compat 0x04000000<br>debug1: Authenticating to <a href="http://thetradinghall.com:42660" target="_blank">thetradinghall.com:42660</a> as 'poisonivy'<br>debug1: SSH2_MSG_KEXINIT sent<br>debug1: SSH2_MSG_KEXINIT received<br>debug1: kex: algorithm: <a href="mailto:curve25519-sha256@libssh.org" target="_blank">curve25519-sha256@libssh.org</a><br>debug1: kex: host key algorithm: ecdsa-sha2-nistp256<br>debug1: kex: server->client cipher: <a href="mailto:chacha20-poly1305@openssh.com" target="_blank">chacha20-poly1305@openssh.com</a> MAC: <implicit> compression: none<br>debug1: kex: client->server cipher: <a href="mailto:chacha20-poly1305@openssh.com" target="_blank">chacha20-poly1305@openssh.com</a> MAC: <implicit> compression: none<br>debug1: expecting SSH2_MSG_KEX_ECDH_REPLY<br>debug1: Server host key: ecdsa-sha2-nistp256 SHA256:TU3S5iIvTFbyVwHsNtzm1OPcZ6lYWOnfQ06tKnljnXI<br>debug1: checking without port identifier<br>debug1: Host '<a href="http://thetradinghall.com" target="_blank">thetradinghall.com</a>' is known and matches the ECDSA host key.<br>debug1: Found key in /home/user/.ssh/known_hosts:8<br>debug1: found matching key w/out port<br>debug1: rekey after 134217728 blocks<br>debug1: SSH2_MSG_NEWKEYS sent<br>debug1: expecting SSH2_MSG_NEWKEYS<br>debug1: rekey after 134217728 blocks<br>debug1: SSH2_MSG_NEWKEYS received<br>debug1: SSH2_MSG_EXT_INFO received<br>debug1: kex_input_ext_info: server-sig-algs=<rsa-sha2-256,rsa-sha2-512><br>debug1: SSH2_MSG_SERVICE_ACCEPT received<br><br>###################################<br>## Welcome to TheTradingHall.com ##<br>###################################<br><br>debug1: Authentications that can continue: publickey,gssapi-keyex,gssapi-with-mic<br>debug1: Next authentication method: publickey<br>debug1: Offering ED25519 public key: /home/gabx/.ssh/gabx-hortensia_ed25519.pub<br>debug1: Server accepts key: pkalg ssh-ed25519 blen 51<br>debug1: Authentication succeeded (publickey).<br>Authenticated to <a href="http://thetradinghall.com" target="_blank">thetradinghall.com</a> ([212.147.52.214]:XXXXXX).<br>debug1: channel 0: new [client-session]<br>debug1: Requesting <a href="mailto:no-more-sessions@openssh.com" target="_blank">no-more-sessions@openssh.com</a><br>debug1: Entering interactive session.<br>debug1: pledge: network<br>debug1: channel 0: free: client-session, nchannels 1<br>Connection to <a href="http://thetradinghall.com" target="_blank">thetradinghall.com</a> closed by remote host.<br>Connection to <a href="http://thetradinghall.com" target="_blank">thetradinghall.com</a> closed.<br>Transferred: sent 1948, received 1628 bytes, in 0.0 seconds<br>Bytes per second: sent 22886566.4, received 19126966.1<br>debug1: Exit status -1<br><br clear="all"><div><br><div><div>------------------------------------------<br><br></div><div>Nothing in journalctl -unit sshd neither sshd@XY-192.168.1.94<br><br></div><div>Thank you for any hint why the connection is closed by the server when in fact it is accepted.<span class="HOEnZb"><font color="#888888"><br><br></font></span><span class="HOEnZb"></span></div></div></div></div></div></blockquote><div>I found the solution by modfiying /etc/pam.d/sshd and adding system-remote-login and system-login files. <br></div></div>
</div></div>