[Mageia-dev] updating sshd kill ssh connection
Olivier Thauvin
nanardon at nanardon.zarb.org
Wed Jun 27 10:52:06 CEST 2012
* Colin Guthrie (mageia at colin.guthr.ie) wrote:
> 'Twas brillig, and Olivier Thauvin at 27/06/12 09:17 did gyre and gimble:
> > * Sander Lepik (sander.lepik at eesti.ee) wrote:
> >> 27.06.2012 11:06, Olivier Thauvin kirjutas:
> >>> I was updating remotly my build machine when:
> >>>
> >>> 192/254: openssh-server
> >>> #############################################################################################################################################################
> >>> Migrating sysvinit service 'sshd' to systemd native unit 'sshd.service'
> >>> via systemd install rules.
> >>> Connection to cauldron64.latmos.ipsl.fr closed by remote host.
> >>> Connection to cauldron64.latmos.ipsl.fr closed.
> >>>
> >>> This must _never_ happend if the update goes wrong you completly loose
> >>> the hand on the computer.
> >>>
> >>> BTW: restarting sshd never shutdown pending ssh connection.
> >>>
> >>> Please remove or fix this.
> >>>
> >>> Let's see the state of machine now I was disconnected during urpmi...
> >> Check your /etc/ssh/sshd_config - you must use "UsePAM yes" there.
> >> https://wiki.mageia.org/en/Mageia_2_Errata#SSH_daemon_issues
> >
> > We already use PAM in ssh (because ldap)...
>
> Then check your /etc/pam.d/system-auth (or /etc/pam.d/sshd which should
> include system-auth).
>
>
> The system-auth we ship includes:
>
> -session optional pam_systemd.so
My system-auth is pushed via puppet to setup ldap authentication.
So at time I'll add this to sshd pam config file.
I wonder how other sys admin does to automated setup of their servers.
Thanks.
--
Olivier Thauvin
CNRS - LATMOS
♖ ♘ ♗ ♕ ♔ ♗ ♘ ♖
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 197 bytes
Desc: not available
URL: </pipermail/mageia-dev/attachments/20120627/fe050b00/attachment.asc>
More information about the Mageia-dev
mailing list