[Bug 2512] Use IP_FREEBIND if available for sshd listening socket

Mark D. Baushke mdb at juniper.net
Mon Dec 14 11:40:53 AEDT 2015


<bugzilla-daemon at bugzilla.mindrot.org> writes:

> https://bugzilla.mindrot.org/show_bug.cgi?id=2512
> --- Comment #1 from Damien Miller <djm at mindrot.org> ---
> Why can't systemd start sshd after the interfaces have been brought up?

It is entirely possible for systemd to start sshd after the interfaces
have been brought up or have it work in an inetd kind of way for each
connection to port 22.

Generally, one uses After=network.target or After=network-online.target
and one may want a Wants=network-online.target or wait for the
sshd-keygen.service to start first.

An example might be:

$ cat sshd.service
[Unit]
Description=OpenSSH server daemon
Documentation=man:sshd(8) man:sshd_config(5)
After=network.target sshd-keygen.service
Wants=sshd-keygen.service

[Service]
EnvironmentFile=/etc/sysconfig/sshd
ExecStart=/usr/sbin/sshd -D $OPTIONS
ExecReload=/bin/kill -HUP $MAINPID
KillMode=process
Restart=on-failure
RestartSec=42s

[Install]
WantedBy=multi-user.target
$ 

The use of sshd.socket also allows for inetd like functionality
with systemd if that is what is needed.

	Good luck,
	-- Mark
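
An added example, not part of the message above and not OpenSSH project code: a socket-activated unit pair for the inetd-like mode the message mentions, using systemd's FreeBind= option (which sets IP_FREEBIND on the listening socket) so the listener can be bound before its address is configured. The address 192.0.2.10 and the file locations are assumptions; the sshd path, EnvironmentFile and sshd-keygen.service follow the unit quoted in the message.

```ini
# /etc/systemd/system/sshd.socket  (constructed example)
[Unit]
Description=OpenSSH server socket
# Do not run alongside the standalone daemon unit on the same port.
Conflicts=sshd.service

[Socket]
# 192.0.2.10 is a documentation address (RFC 5737) standing in for an
# address that may not be assigned yet when this unit starts.
ListenStream=192.0.2.10:22
# Sets IP_FREEBIND, so bind() succeeds even though the address is not
# yet present on any interface.
FreeBind=true
# inetd style: systemd accepts and spawns one sshd per connection.
Accept=yes

[Install]
WantedBy=sockets.target

# /etc/systemd/system/sshd@.service  (constructed example)
[Unit]
Description=OpenSSH per-connection server daemon
# Host keys must exist before the first connection is served.
After=sshd-keygen.service
Wants=sshd-keygen.service

[Service]
# Leading "-" makes a missing environment file non-fatal.
EnvironmentFile=-/etc/sysconfig/sshd
# -i tells sshd it is run from inetd; the leading "-" keeps one failed
# session from marking the unit as failed.
ExecStart=-/usr/sbin/sshd -i $OPTIONS
StandardInput=socket
```

With FreeBind=true the port is held by systemd from early boot, so a ListenAddress that arrives late no longer causes a bind failure; connections simply cannot reach it until the address is up.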


More information about the openssh-unix-dev mailing list