OpenSSH-Update: port 22 ... Address already in use.
Hi there, I've updated OpenSSH as recommended on several hosts, some SuSE 7.2, some 7.3. On most of them I got the following entries in /var/log/ messages after _rcsshd stop ; rcsshd start_ (which, BTW, worked fine): Jul 4 10:24:00 host sshd[205]: Received signal 15; terminating. Jul 4 10:24:04 host sshd[21127]: Server listening on :: port 22. Jul 4 10:24:04 host sshd[21127]: error: Bind to port 22 on 0.0.0.0 failed: Address already in use. Is this 'Address in use' because of still running children of the old and terminated sshd parent? Or does this indicate that there is another process running which I do not know of? TIA, -- -- Andreas
Hi Andreas, have a look with lsof or netstat. Stefan
-----Original Message----- From: Andreas Schamanek [mailto:schamane@fam.tuwien.ac.at] Sent: Thursday, July 04, 2002 10:51 AM To: suse-security@suse.com Subject: [suse-security] OpenSSH-Update: port 22 ... Address already in use.
Hi there,
I've updated OpenSSH as recommended on several hosts, some SuSE 7.2, some 7.3. On most of them I got the following entries in /var/log/ messages after _rcsshd stop ; rcsshd start_ (which, BTW, worked fine):
Jul 4 10:24:00 host sshd[205]: Received signal 15; terminating. Jul 4 10:24:04 host sshd[21127]: Server listening on :: port 22. Jul 4 10:24:04 host sshd[21127]: error: Bind to port 22 on 0.0.0.0 failed: Address already in use.
Is this 'Address in use' because of still running children of the old and terminated sshd parent? Or does this indicate that there is another process running which I do not know of?
TIA,
-- -- Andreas
-- To unsubscribe, e-mail: suse-security-unsubscribe@suse.com For additional commands, e-mail: suse-security-help@suse.com Security-related bug reports go to security@suse.de, not here
Am Donnerstag, 4. Juli 2002 10:57 schrieb Stefan Nauber:
Hi Andreas,
have a look with lsof or netstat.
try netstat -pn (before and after restarting, to be sure)
Stefan
-----Original Message----- I've updated OpenSSH as recommended on several hosts, some SuSE 7.2, some 7.3. On most of them I got the following entries in /var/log/ messages after _rcsshd stop ; rcsshd start_ (which, BTW, worked fine):
Jul 4 10:24:00 host sshd[205]: Received signal 15; terminating. Jul 4 10:24:04 host sshd[21127]: Server listening on :: port 22. Jul 4 10:24:04 host sshd[21127]: error: Bind to port 22 on 0.0.0.0 failed: Address already in use.
Is this 'Address in use' because of still running children of the old and terminated sshd parent? Or does this indicate that there is another process running which I do not know of?
-- Mit freundlichen Grüßen Carsten Meyer
On Thu, 4 Jul 2002, CADNET Carsten Meyer and Stefan Nauber suggested to check my systems with netstat and lsof:
have a look with lsof or netstat.
try netstat -pn
(before and after restarting, to be sure)
Maybe I should have added to my message that I am running production servers where I cannot stop sshd (except for restarts). And, of course, I am constantly checking my systems with netstat and lsof. There is only 1 process showing up as listening on :22 (when sshd is running, no process if it is not running). Anyway, sshd delivers the message 'error: Bind to port 22 on 0.0.0.0 failed: Address already in use.' when I restart sshd, although sshd seems to be running fine. I do not understand this. -- -- Andreas
Andreas Schamanek
Maybe I should have added to my message that I am running production servers where I cannot stop sshd (except for restarts). And, of course, I am constantly checking my systems with netstat and lsof. There is only 1 process showing up as listening on :22 (when sshd is running, no process if it is not running). Anyway, sshd delivers the message 'error: Bind to port 22 on 0.0.0.0 failed: Address already in use.' when I restart sshd, although sshd seems to be running fine. I do not understand this.
I have seen that too. It never caused any trouble though. -- Best regards Christian Laursen
Maybe I should have added to my message that I am running production servers where I cannot stop sshd (except for restarts). And, of course, I am constantly checking my systems with netstat and lsof. There is only 1 process showing up as listening on :22 (when sshd is running, no process if it is not running). Anyway, sshd delivers the message 'error: Bind to port 22 on 0.0.0.0 failed: Address already in use.' when I restart sshd, although sshd seems to be running fine. I do not understand this.
I have seen that too.
It never caused any trouble though.
It may have happened that the running sshd hasn't been stopped (for an obscure reason unknown to me...). Please open a new connection to your host and use the command ps faux to see which daemon is the parent of the daemon serving your new connection. "echo $$" gives you the pid of your shell. Check the starting time of the parent daemon and verify that its pid is written to the file /var/run/sshd.pid. If this is not the case or if you are under the impression that the daemon hasn't been restarted when you wanted it to, then kill this daemon by hand with the kill command and run "rcsshd start" by hand again. Don't log off unless you can log on again. :-)
Best regards Christian Laursen
Roman.
--
- -
| Roman Drahtmüller
On Thursday 04 July 2002 03:06 am, Andreas Schamanek wrote:
On Thu, 4 Jul 2002, CADNET Carsten Meyer and Stefan Nauber suggested
to check my systems with netstat and lsof:
have a look with lsof or netstat.
try netstat -pn
(before and after restarting, to be sure)
Maybe I should have added to my message that I am running production servers where I cannot stop sshd (except for restarts). And, of course, I am constantly checking my systems with netstat and lsof. There is only 1 process showing up as listening on :22 (when sshd is running, no process if it is not running). Anyway, sshd delivers the message 'error: Bind to port 22 on 0.0.0.0 failed: Address already in use.' when I restart sshd, although sshd seems to be running fine. I do not understand this.
This always happens (even at boot time) for me and has since i installed OpenSSH several versions ago. If you limit sshd to only ipv4 with the -4 argument it will not issue this message. Its trying to bind twice if you allow it to use ipv4 and ipv6. -- _________________________________________________ No I Don't Yahoo! And I'm getting pretty sick of being asked if I do. _________________________________________________ John Andersen / Juneau Alaska
On Thu, Jul 04, 2002 at 10:51:23AM +0200, Andreas Schamanek wrote:
Hi there,
I've updated OpenSSH as recommended on several hosts, some SuSE 7.2, some 7.3. On most of them I got the following entries in /var/log/ messages after _rcsshd stop ; rcsshd start_ (which, BTW, worked fine):
Jul 4 10:24:00 host sshd[205]: Received signal 15; terminating. Jul 4 10:24:04 host sshd[21127]: Server listening on :: port 22. Jul 4 10:24:04 host sshd[21127]: error: Bind to port 22 on 0.0.0.0 failed: Address already in use.
Is this 'Address in use' because of still running children of the old and terminated sshd parent? Or does this indicate that there is another process running which I do not know of?
I believe this is because sshd is trying to listen on both ipv4 and ipv6. The ipv4 attempt works then the ipv6 fails because potr 22 is already in use (by ipv4). If this is the problem, the fix is to either ignore the messages (since the problem is mainly cosmetic) or to edit etc/rc.config to set the following: SSHD_OPTS="-4" That tells sshd to use ipv4 only. I think I learned about this by looking at the support database on SuSE's web site. -- Robert C. Paulsen, Jr. robert@paulsenonline.net
Hi there, On Thu, 4 Jul 2002, Robert C. Paulsen Jr. wrote:
Jul 4 10:24:00 host sshd[205]: Received signal 15; terminating. Jul 4 10:24:04 host sshd[21127]: Server listening on :: port 22. Jul 4 10:24:04 host sshd[21127]: error: Bind to port 22 on 0.0.0.0 failed: Address already in use. (...) I believe this is because sshd is trying to listen on both ipv4 and ipv6. The ipv4 attempt works then the ipv6 fails because port 22 is already in use (by ipv4).
Many thanks Robert, that's the reason for the error message. As you suggested ...
If this is the problem, the fix is to either ignore the messages (since the problem is mainly cosmetic) or to edit etc/rc.config to set the following:
SSHD_OPTS="-4"
... this eliminates the error message.
I think I learned about this by looking at the support database on SuSE's web site.
Ooops. You are right. But in this case, I can't be blamed for not having done enough RTFM. There is an article Linkname: SDB: Häufige Fehlermeldungen in der Xconsole beim KDE Start unter SuSE 7.3 URL: http://sdb.suse.de/sdb/de/html/tsaupe_kde_startmsg.html but the title is a bit misleading and there is no English version of it. Anyway, many thanks. To Roman: Thanks for your tips. I did make sure that the parent was killed. As I said, there was no process listening on :22 according to _netstat_ and _lsof_. -- -- Andreas
On Thu, 4 Jul 2002, Andreas Schamanek wrote:
Linkname: SDB: Haeufige Fehlermeldungen in der Xconsole beim KDE Start unter SuSE 7.3 URL: http://sdb.suse.de/sdb/de/html/tsaupe_kde_startmsg.html
but the title is a bit misleading and there is no English version of it. Anyway, many thanks.
Sorry, there is of course an English version of it, to be found at Linkname: SDB: Frequent Error Messages in the Xconsole When Starting KDE on SuSE 7.3 URL: http://sdb.suse.de/en/sdb/html/tsaupe_kde_startmsg.html It's just that his article does not have SSHD listed as keyword, so you cannot find it when searching the English keyword database. Maybe this should be corrected. Hence the CC to suse@suse.de. -- -- Andreas
participants (7)
-
Andreas Schamanek -
CADNET Carsten Meyer -
Christian Laursen -
John Andersen -
Robert C. Paulsen Jr. -
Roman Drahtmueller -
Stefan Nauber