SSHD service does not start up on Solaris 9
 

Just recently i've applied my first patch cluster on a Solaris 9 server. The patch was pretty uneventfull; however, now when i reboot the system SSHD is not running. I have the startup script in the /etc/rc3.d/ folder and indeed when i login to the system i see that i am in run-level 3. The script /etc/init.d/sshd matches the one found in the rc3.d folder, but for some reason it does not start up sshd. I can go into the /etc/rc3.d folder and startup sshd using the script manually just fine.

Any ideas?

You can try adding a "set -x" at the beginning of the sshd script to trace its execution at boot time.

Thanks jll,

I'll have to try that during my reboot today.

As an update. I noted that after the system booted i have an error message saying that sshd service was unable to bind on port 22 on IP address ::. When i look in the sshd_config file i see that the listening ip address was set to "::". I understand this means "bind to any available ip for either IPv4 or IPv6". We do not use IPv6 on our network, so i simply changed it to 0.0.0.0 so it binds to any IPv4 address. Now it works fine.

Any thoughts as to why the "any" distinction for IPv6 is giving me trouble, where as the IPv4 "any" distinction isn't?

I've got the problem solved, but any further help/ideas on the IPv6 versus IPv4 would be cool. Thanks again jll for the response!

It may be a bug, especially as it was working before the patch was applied.

Do you know which of the patches you installed did update sshd and/or sshd_config ?

Do you know if the patch changed the ListenAddress sshd_config setting ?

The patch that modified the sshd bin is:

113273-11 SunOS 5.9: /usr/lib/ssh/sshd Patch

When i look through the logs, i see a message about copying the old sshd bin to sshd.113273-11, but i do not see any similar preservation techniques used for the sshd_config file.

Also immediately after appling the patch, i looked at my sshd_config and noted that it was not overwritten as my previous settings where still in the file. The sshd_config file is dated 01/10/08 (european time format) on the inside.

So the file was not overwritten and we have always had the IPv6 and IPv4 binding of "ListenAddress ::"

Does IPv6 need a special NIC card?

So this looks like a regression in sshd, I suggest you to file a bug if you are a Sun support customer.

There is no need for a specific NIC card to do IPv6, all can do it, but IPv6 network are still rare.

Sounds like a plan. Thanks jll for all of the info and help!