Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

sshd fails to start after Fedora 41 upgrade #87

Closed
pschmitt opened this issue Nov 1, 2024 · 3 comments
Closed

sshd fails to start after Fedora 41 upgrade #87

pschmitt opened this issue Nov 1, 2024 · 3 comments

Comments

@pschmitt
Copy link

pschmitt commented Nov 1, 2024

Hi, just updated to Fedora 41 and sshd is refusing to start in initrd:

journalctl --no-hostname --output-fields="MESSAGE" -b | grep -m 10 sshd
Nov 01 16:24:07 systemd[1]: Starting sshd.service - OpenSSH server daemon...
Nov 01 16:24:07 (sshd)[333]: sshd.service: Referenced but unset environment variable evaluates to an empty string: CRYPTO_POLICY, OPTIONS, SSHD_OPTS
Nov 01 16:24:07 systemd[1]: sshd.service: Main process exited, code=exited, status=255/EXCEPTION
Nov 01 16:24:07 systemd[1]: sshd.service: Failed with result 'exit-code'.
Nov 01 16:24:07 systemd[1]: Failed to start sshd.service - OpenSSH server daemon.
Nov 01 16:24:07 sshd[333]: /usr/libexec/openssh/sshd-session does not exist or is not executable
Nov 01 16:24:33 systemd[1]: Stopped sshd.service - OpenSSH server daemon.
Nov 01 16:24:34 systemd[1]: Created slice system-sshd\x2dkeygen.slice - Slice /system/sshd-keygen.
Nov 01 16:24:36 systemd[1]: Listening on sshd-unix-local.socket - OpenSSH Server Socket (systemd-ssh-generator, AF_UNIX Local).
Nov 01 16:24:36 systemd[1]: [email protected] - OpenSSH ecdsa Server Key Generation was skipped because no trigger condition checks were met.

luckily unlocking manually on the console still worked. Did I miss something config-wise that might have changed? The last few upgrades went perfectly fine.
@pschmitt
Copy link
Author

pschmitt commented Nov 1, 2024

All right. Turns out I was still on 0.6.5 since dnf didn't upgrade the package because the gpg key wasn't trusted anymore. After removing the copr repo, explicitly removing the gpg key, re-addind the copr repo and re-installing the package it works as expected. Thanks and sorry for the noise.

@pschmitt pschmitt closed this as completed Nov 1, 2024
@pschmitt
Copy link
Author

pschmitt commented Nov 1, 2024

in case someone else has the issue here's what I did to fix this:

rpm -q gpg-pubkey --qf '%{NAME}-%{VERSION}-%{RELEASE}\t%{SUMMARY}\n'
rpm -e gpg-pubkey-104b5281-5c4ca7c7
dnf remove dracut-sshd
dnf copr remove gsauthof/dracut-sshd
dnf copr enable gsauthof/dracut-sshd
dnf install dracut-sshd
dracut -f -v
reboot

@gsauthof
Copy link
Owner

gsauthof commented Nov 2, 2024

Some background on the copr issue: #82 (comment)

Unfortunately, the linked upstream bug is still open.

Perhaps it makes sense to update an item to the dracut-sshd FAQ.

gsauthof added a commit that referenced this issue Nov 2, 2024
@gsauthof
Add a note on Copr upgrades
adb039b 
resolves #87
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@pschmitt @gsauthof