Re: [developer] Sshd fails on OS upgrade

["Till Wegmüller" <toasterson@gmail.com>]

Hi Gary

This file gets delivered in a working state by the package but as soon 
as you edit it, it will never be touched again by the package system. We 
can only destroy everyones edits by removing preserve=true attribute 
from the file or have this situation happen,

A workaround would be

mv /etc/ssh/sshd_config /etc/ssh/sshd_config.bak; pkg fix

once the file is not there it is elegible for restore by IPS.

Hope this helps in the Future
Till

On 05.11.24 20:30, Gary Mills wrote:
> Yesterday, I upgraded one of my systems from hipster-20230813 to
> hipster-20241104.  (The number is the ISO date with dashes removed).
> On reboot, everything was successful, except the console said:
> 
> SUNW-MSG-ID: SMF-8000-YX, TYPE: defect, VER: 1, SEVERITY: major
> EVENT-TIME: Mon Nov  4 16:55:50 CST 2024
> PLATFORM: S5510, CSN: empty, HOSTNAME: tyan
> SOURCE: software-diagnosis, REV: 0.1
> EVENT-ID: 26a5e479-0755-47d0-837d-4a0fbb3f6e99
> DESC: A service failed - a start, stop or refresh method failed.
>    Refer to http://illumos.org/msg/SMF-8000-YX for more information.
> AUTO-RESPONSE: The service has been placed into the maintenance state.
> IMPACT: svc:/network/ssh:default is unavailable.
> REC-ACTION: Run 'svcs -xv svc:/network/ssh:default' to determine the generic
> +reason why the service failed, the location of any logfiles, and a list of
> +other services impacted.
> 
> The server log said:
> 
> [ Nov  4 16:55:49 Executing start method ("/lib/svc/method/sshd start"). ]
> /etc/ssh/sshd_config line 85: Deprecated option ServerKeyBits
> /etc/ssh/sshd_config line 90: Deprecated option KeyRegenerationInterval
> /etc/ssh/sshd_config: line 103: Bad configuration option: MaxAuthTriesLog
> /etc/ssh/sshd_config line 132: Deprecated option RhostsAuthentication
> /etc/ssh/sshd_config line 138: Deprecated option RhostsRSAAuthentication
> /etc/ssh/sshd_config line 145: Deprecated option RSAAuthentication
> /etc/ssh/sshd_config: terminating, 1 bad configuration options
> [ Nov  4 16:55:49 Method "start" exited with status 95. ]
> 
> The configuration file was /etc/ssh/sshd_config .  When I edited that
> file to comment out all the Deprecated or Bad options, the service ran
> with no fatal errors.  I don't know where that file came from, but it
> dates from 2017, and often mentions Oracle and Solaris.  Perhaps it
> came with an earlier version of the ssh package.  The options
> mentioned all were in the version 1 section.
> 
> In any case, the ssh package should include a working configuration
> file, for ssh dummies like me.  That way, the service would run
> without all those errors.  I don't even use ssh on that system.
> 
> 

------------------------------------------
illumos: illumos-developer
Permalink: https://illumos.topicbox.com/groups/developer/Tb0111d8c22b37938-M719ca66e668077a7b9df33fa
Delivery options: https://illumos.topicbox.com/groups/developer/subscription