[WBEL-users] SSH Info

Kirby Bohling kbohling@birddog.com
Thu, 12 Aug 2004 19:11:08 -0500


On Thu, Aug 12, 2004 at 04:56:56PM -0700, Ed wrote:
> Ed Morrison wrote:
> >Hi Ed,
> >
> >I actually did that but it didn't change anything with how ssh works.  I
> >can still login and use ssh1.
> 
> Hey Ed,
> Perversely, sshd will *not* restart if you're logged in using ssh.  You 
> can however make a shell script which stops sshd, and then restarts it.
> I'm not sure I'd try this unless I could get someone to restart the 
> service locally just in case.  Or you could temporarily enable telnet so 
> you have a "plan B".
> 

Huh?  Here's a (mildly edited) transcript of what I just ran to check what
you are saying.

[kbohling@hawk kbohling]$ ssh root@localhost
root@localhost's password:
Last login: Thu Aug 12 19:03:38 2004 from localhost.localdomain
[root@hawk root]# ps auxwwww | grep sshd
root      1372  0.0  0.4  3656 1552 ?        S    19:02   0:00 /usr/sbin/sshd
root      1437  1.0  0.7  9440 3032 ?        S    19:03   0:00 sshd: root@pts/3

[root@hawk root]# netstat -l -n -p | grep 22
tcp        0      0 0.0.0.0:22              0.0.0.0:* LISTEN      1372/sshd

[root@hawk root]# service sshd restart
Stopping sshd:                                             [  OK  ]
Starting sshd:                                             [  OK  ]
[root@hawk root]# netstat -l -n -p | grep 22
tcp        0      0 0.0.0.0:22              0.0.0.0:* LISTEN      1507/sshd

[root@hawk root]# ps auxwwww | grep sshd
root      1437  0.2  0.7  9440 3032 ?        S    19:03   0:00 sshd: root@pts/3
root      1507  0.0  0.4  3664 1552 ?        S    19:04   0:00 /usr/sbin/sshd

	Sure, the ssh you are connected to doesn't restart, however, the
sshd that is listening on port 22 sure does change.  The PID changed
from 1372 to 1507.  Presumably, if I had changed parameters the new
sshd wouldn't have access to the old ones.  I might have lost my
marbles.  My reading of /etc/init.d/sshd also shows that the command
that's run if you run "service sshd restart" is this:

killproc $SSHD -TERM

	So, I'm pretty sure either you're wrong, or I don't understand
what you are saying.

	Kirby


> remhost$ at now + 1 minute
> at> service sshd stop
> at> service sshd start
> remhost$ logout
> localhost$ (wait a minute)
> localhost$ ssh remhost
> 
> 
>   Ed
> 
> 
> >
> >On Thu, 2004-08-12 at 15:24, Ed wrote:
> >
> >>Ed Morrison wrote:
> >>
> >>>Hi Everyone,
> >>>
> >>>I'm looking to tighten down my servers some more and I would like to
> >>>find a good ssh How to:/step guide for disabling ssh1 and implementing
> >>>keys.  
> >>
> >>in sshd_config:
> >>Protocol 2
> >
> >
> >Port 22
> >Protocol 2
> >#ListenAddress 0.0.0.0
> >#ListenAddress ::
> >
> >
> >
> >>If someone could send some links my way it would be appreciated.
> >>
> >>>Thanks,
> >>>Ed
> >>>
> >>>_______________________________________________
> >>>Whitebox-users mailing list
> >>>Whitebox-users@beau.org
> >>>http://beau.org/mailman/listinfo/whitebox-users
> >>
> >>
> >
> 
>
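
A check for the situation discussed in this thread (sshd_config says "Protocol 2" but SSH1 logins still work), as an added example that is not part of any poster's message: it compares the Protocol value in the config file with the version string the listening sshd announces. The function names, the temporary file and the banners are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the thread). Banners and file contents are constructed.

# Print the first uncommented Protocol value in an sshd_config file,
# or "unset" when the keyword is absent (keywords are case-insensitive).
effective_protocol() {
    awk 'tolower($1) == "protocol" { print $2; found = 1; exit }
         END { if (!found) print "unset" }' "$1"
}

# Classify an SSH identification string (the first line a server sends).
# "1.99" is the version a server announces when it speaks 2.0 and also
# accepts 1.x clients (RFC 4253, section 5.1).
classify_banner() {
    case "$1" in
        SSH-1.99-*) echo "v1+v2" ;;
        SSH-2.0-*)  echo "v2-only" ;;
        SSH-1.*)    echo "v1-only" ;;
        *)          echo "unknown" ;;
    esac
}

# Succeed (exit 0) when the file says "Protocol 2" but the banner still
# offers SSH1, i.e. the listener is running with an older configuration.
stale_listener() {
    [ "$(effective_protocol "$1")" = "2" ] || return 1
    case "$(classify_banner "$2")" in
        v1+v2|v1-only) return 0 ;;
        *)             return 1 ;;
    esac
}

# Demo on constructed input. On a real host the banner is the first line
# the server sends when a client connects to the sshd port.
demo_cfg=$(mktemp)
printf 'Port 22\nProtocol 2\n#ListenAddress 0.0.0.0\n' > "$demo_cfg"
for banner in "SSH-1.99-OpenSSH_constructed" "SSH-2.0-OpenSSH_constructed"; do
    if stale_listener "$demo_cfg" "$banner"; then
        echo "$banner: SSH1 still offered, listener predates the config change"
    else
        echo "$banner: consistent with Protocol $(effective_protocol "$demo_cfg")"
    fi
done
rm -f "$demo_cfg"
```

A "v1+v2" result against a config that reads "Protocol 2" means the process listening on port 22 has not re-read the file.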