Skip to main content
Unix & Linux

Return to Answer

deleted 1 character in body
Source Link
xiaoju
xiaoju
  • 111
  • 3

Adding to u1686_grawity answer... Now in Ubuntu 24.04 LTS, it appears sshd-socket-generator checks in the sshd configuration (sshd_config and /etc/ssh/sshd_config.d/ ) for Port and listenaddress directives, then transposes these directives into /run/systemd/generator/ssh.socket.d/addresses.conf as ListenStream directives.

For example if Port 22 was specified in sshd_config, then addresses.conf will receive:

[Socket]
ListenStream=
ListenStream=22

or if sshd_config also contains listenaddress 192.168.1.10, then addresses.conf becomes:

[Socket]
ListenStream=
ListenStream=192.168.1.10:22
  • It works also with ipv6.
  • Important: the first empty line ListenStream= erases previous ListenStream directives from /etc/systemd/system/ssh.socket, and only keeps the ones from sshd-socket-generator.

Conclusion:

  • run systemctl edit --full sshdssh.socket,
  • specify the BindToDevice=eth0 directive,
  • don't specify any ListenStream (they won't be taken into account),
  • then run sudo systemctl daemon-reload && sudo systemctl restart ssh.socket,
  • this lets sshd-socket-generator copy the Ports and listenaddress directives from the sshd configuration.

Review your configuration with:

  • systemctl cat ssh.socket
  • ss -tuln
  • sshd -T

Adding to u1686_grawity answer... Now in Ubuntu 24.04 LTS, it appears sshd-socket-generator checks in the sshd configuration (sshd_config and /etc/ssh/sshd_config.d/ ) for Port and listenaddress directives, then transposes these directives into /run/systemd/generator/ssh.socket.d/addresses.conf as ListenStream directives.

For example if Port 22 was specified in sshd_config, then addresses.conf will receive:

[Socket]
ListenStream=
ListenStream=22

or if sshd_config also contains listenaddress 192.168.1.10, then addresses.conf becomes:

[Socket]
ListenStream=
ListenStream=192.168.1.10:22
  • It works also with ipv6.
  • Important: the first empty line ListenStream= erases previous ListenStream directives from /etc/systemd/system/ssh.socket, and only keeps the ones from sshd-socket-generator.

Conclusion:

  • run systemctl edit --full sshd.socket,
  • specify the BindToDevice=eth0 directive,
  • don't specify any ListenStream (they won't be taken into account),
  • then run sudo systemctl daemon-reload && sudo systemctl restart ssh.socket,
  • this lets sshd-socket-generator copy the Ports and listenaddress directives from the sshd configuration.

Review your configuration with:

  • systemctl cat ssh.socket
  • ss -tuln
  • sshd -T

Adding to u1686_grawity answer... Now in Ubuntu 24.04 LTS, it appears sshd-socket-generator checks in the sshd configuration (sshd_config and /etc/ssh/sshd_config.d/ ) for Port and listenaddress directives, then transposes these directives into /run/systemd/generator/ssh.socket.d/addresses.conf as ListenStream directives.

For example if Port 22 was specified in sshd_config, then addresses.conf will receive:

[Socket]
ListenStream=
ListenStream=22

or if sshd_config also contains listenaddress 192.168.1.10, then addresses.conf becomes:

[Socket]
ListenStream=
ListenStream=192.168.1.10:22
  • It works also with ipv6.
  • Important: the first empty line ListenStream= erases previous ListenStream directives from /etc/systemd/system/ssh.socket, and only keeps the ones from sshd-socket-generator.

Conclusion:

  • run systemctl edit --full ssh.socket,
  • specify the BindToDevice=eth0 directive,
  • don't specify any ListenStream (they won't be taken into account),
  • then run sudo systemctl daemon-reload && sudo systemctl restart ssh.socket,
  • this lets sshd-socket-generator copy the Ports and listenaddress directives from the sshd configuration.

Review your configuration with:

  • systemctl cat ssh.socket
  • ss -tuln
  • sshd -T
added 145 characters in body
Source Link
xiaoju
xiaoju
  • 111
  • 3

Adding to u1686_grawity answer, currently... Now in Ubuntu 24.04 LTS, it seemsappears sshd-socket-generator checks in the sshd configuration (sshd_config and /etc/ssh/sshd_config.d/ ) for Port and listenaddress directives, then transposes these directives into /run/systemd/generator/ssh.socket.d/addresses.conf as ListenStream directives.

For example if Port 22 was specified in sshd_config, then addresses.conf will containreceive:

[Socket]
ListenStream=
ListenStream=22

or if sshd_config containsshd_config also contains listenaddress 192.168.1.10, then addresses.conf becomes:

[Socket]
ListenStream=
ListenStream=192.168.1.10:22

It works also with ipv6.

Beware that the first line ListenStream= erases previous ListenStream directives from /etc/systemd/system/ssh.socket, and only keeps the ones from sshd-socket-generator.

Conclusion:

run systemctl edit --full sshd.socket,

  • It works also with ipv6.
  • Important: the first empty line ListenStream= erases previous ListenStream directives from /etc/systemd/system/ssh.socket, and only keeps the ones from sshd-socket-generator.

specify the BindToDevice=eth0 directive,

Conclusion:

don't specify any ListenStream,

  • run systemctl edit --full sshd.socket,
  • specify the BindToDevice=eth0 directive,
  • don't specify any ListenStream (they won't be taken into account),
  • then run sudo systemctl daemon-reload && sudo systemctl restart ssh.socket,
  • this lets sshd-socket-generator copy the Ports and listenaddress directives from the sshd configuration.

then run sudo systemctl daemon-reload && sudo systemctl restart ssh.socket,

Review your configuration with:

this lets sshd-socket-generator copy the Ports and listenaddress directives from the sshd configuration.

  • systemctl cat ssh.socket
  • ss -tuln
  • sshd -T

Adding to u1686_grawity answer, currently in 24.04 LTS, it seems sshd-socket-generator checks in the sshd configuration (sshd_config and /etc/ssh/sshd_config.d/ ) for Port and listenaddress directives, then transposes these directives into /run/systemd/generator/ssh.socket.d/addresses.conf as ListenStream directives.

For example if Port 22 was specified in sshd_config, then addresses.conf will contain:

[Socket]
ListenStream=
ListenStream=22

or if sshd_config contain also listenaddress 192.168.1.10, then addresses.conf becomes:

[Socket]
ListenStream=
ListenStream=192.168.1.10:22

It works also with ipv6.

Beware that the first line ListenStream= erases previous ListenStream directives from /etc/systemd/system/ssh.socket, and only keeps the ones from sshd-socket-generator.

Conclusion:

run systemctl edit --full sshd.socket,

specify the BindToDevice=eth0 directive,

don't specify any ListenStream,

then run sudo systemctl daemon-reload && sudo systemctl restart ssh.socket,

this lets sshd-socket-generator copy the Ports and listenaddress directives from the sshd configuration.

Adding to u1686_grawity answer... Now in Ubuntu 24.04 LTS, it appears sshd-socket-generator checks in the sshd configuration (sshd_config and /etc/ssh/sshd_config.d/ ) for Port and listenaddress directives, then transposes these directives into /run/systemd/generator/ssh.socket.d/addresses.conf as ListenStream directives.

For example if Port 22 was specified in sshd_config, then addresses.conf will receive:

[Socket]
ListenStream=
ListenStream=22

or if sshd_config also contains listenaddress 192.168.1.10, then addresses.conf becomes:

[Socket]
ListenStream=
ListenStream=192.168.1.10:22
  • It works also with ipv6.
  • Important: the first empty line ListenStream= erases previous ListenStream directives from /etc/systemd/system/ssh.socket, and only keeps the ones from sshd-socket-generator.

Conclusion:

  • run systemctl edit --full sshd.socket,
  • specify the BindToDevice=eth0 directive,
  • don't specify any ListenStream (they won't be taken into account),
  • then run sudo systemctl daemon-reload && sudo systemctl restart ssh.socket,
  • this lets sshd-socket-generator copy the Ports and listenaddress directives from the sshd configuration.

Review your configuration with:

  • systemctl cat ssh.socket
  • ss -tuln
  • sshd -T
Source Link
xiaoju
xiaoju
  • 111
  • 3

Adding to u1686_grawity answer, currently in 24.04 LTS, it seems sshd-socket-generator checks in the sshd configuration (sshd_config and /etc/ssh/sshd_config.d/ ) for Port and listenaddress directives, then transposes these directives into /run/systemd/generator/ssh.socket.d/addresses.conf as ListenStream directives.

For example if Port 22 was specified in sshd_config, then addresses.conf will contain:

[Socket]
ListenStream=
ListenStream=22

or if sshd_config contain also listenaddress 192.168.1.10, then addresses.conf becomes:

[Socket]
ListenStream=
ListenStream=192.168.1.10:22

It works also with ipv6.

Beware that the first line ListenStream= erases previous ListenStream directives from /etc/systemd/system/ssh.socket, and only keeps the ones from sshd-socket-generator.

Conclusion:

run systemctl edit --full sshd.socket,

specify the BindToDevice=eth0 directive,

don't specify any ListenStream,

then run sudo systemctl daemon-reload && sudo systemctl restart ssh.socket,

this lets sshd-socket-generator copy the Ports and listenaddress directives from the sshd configuration.