CooL. I knew the startproc isn't a nice thing... Even in -v it says nothing.
Well, I tried rcssh, and I tried killall sshd /usr/sbin/sshd and even a /usr/sbin/sshd -f /etc/ssh/sshd_config
to go for sure. I don't see any errors, only a sshd[24365]: Server listening on :: port 22.
Try killall sshd first and then start the new one (use a copy of sshd with different name and port while doing this).
Yes, this was my way. I even think that rcsshd restart without having a copy with a different name on a different port is deadly, since it seems it locks you out (and happily, after the stop, the rcsshd is killed by SIGHUP, and by that it doesn't start sshd). I verified with ps ax that no sshd process was running when I restarted it. I even did a "cmp" on sshd and the copy I made before upgrading, and both binaries differ.
Actually, rcsshd restart should stop the daemon with the pid from /var/run/sshd.pid. Then a new daemon would start up, writing its pid to the same file. The running instances of sshd which handle active connections should not get touched. There used to be a killall to nuke running daemons, but this was hundreds of years ago. To make sure it works, I usually do the following:

    cp /usr/sbin/sshd /sshdd
    /sshdd -p 23
    rm /sshdd
    # log on to port 23
    killall sshd
    rcsshd start
    # log on to port 22
    killall sshdd

Any hints?? What did I do wrong? And much more important: How do I make this stuff secure?
rpm -Vv openssh will give you a hint about what has been modified.
oki,
Steffen
Roman.