bugzilla-daemon at mindrot.org
2005-Jun-02  12:45 UTC
[Bug 1051] error: Bind to port 22 on 0.0.0.0 failed: Address already in use.
http://bugzilla.mindrot.org/show_bug.cgi?id=1051
           Summary: error: Bind to port 22 on 0.0.0.0 failed: Address
                    already in use.
           Product: Portable OpenSSH
           Version: 4.1p1
          Platform: ix86
               URL: http://www.tietoenator.de
        OS/Version: Linux
            Status: NEW
          Severity: critical
          Priority: P4
         Component: Build system
        AssignedTo: bitbucket at mindrot.org
        ReportedBy: gero.waldhausen at tietoenator.com
Hi,
I've got problems with openssl-0.9.7g.tar.gz and openssh-4.1p1.tar.gz!
Here is the way I compiled on "Fedora Core release 3 (Heidelberg)":
Packages I used are:
- openssl-0.9.7g.tar.gz
- openssh-4.1p1.tar.gz
- zlib-1.2.2.tar.gz
The DOING:
mkdir -p /var/empty
chown root:sys /var/empty
chmod 755 /var/empty
###################
- zlib-1.2.2.tar.gz
###################
tar -zxvf zlib-1.2.2.tar.gz
cd zlib-1.2.2
./configure --prefix=/usr/local/zlib-1.2.2
make
make install
########################
- openssl-0.9.7g.tar.gz
########################
tar -zxvf openssl-0.9.7g.tar.gz
cd openssl-0.9.7g
./config --prefix=/usr/local/openssl-0.9.7g
make
make install
######################
- openssh-4.1p1.tar.gz
######################
tar -zxvf openssh-4.1p1.tar.gz
cd openssh-4.1p1
./configure --prefix=/usr/local/ssl --with-zlib=/usr/local/zlib-1.2.2 --with-ssl-dir=/usr/local/openssl-0.9.7g
make
make install
###############################################
vi /usr/local/ssl/etc/sshd_config 
###############################################
#############################################################
+ New Entry
- Old Entry
- #Port 22
- #Protocol 2,1
+ Port 22
+ Protocol 2,1
 #ListenAddress 0.0.0.0
 #ListenAddress ::
 # HostKey for protocol version 1
- #HostKey /usr/local/ssl/etc/ssh_host_key
+ HostKey /usr/local/ssl/etc/ssh_host_key
 # HostKeys for protocol version 2
- #HostKey /usr/local/ssl/etc/ssh_host_rsa_key
- #HostKey /usr/local/ssl/etc/ssh_host_dsa_key
+ HostKey /usr/local/ssl/etc/ssh_host_rsa_key
+ HostKey /usr/local/ssl/etc/ssh_host_dsa_key
...
- #PidFile /var/run/sshd.pid
+ PidFile /var/run/sshd41.pid
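Review bot: the "+ Protocol 2,1" line, together with the uncommented protocol version 1 "HostKey /usr/local/ssl/etc/ssh_host_key", keeps SSH protocol 1 enabled next to protocol 2. Protocol 1 has known cryptographic weaknesses, so unless a legacy client requires it, set "Protocol 2" and leave the version 1 HostKey line commented out.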
#############################################################
Build a bigger key:
##########################################################################
/usr/local/ssl/bin/ssh-keygen -b 2048 -f /usr/local/ssl/etc/ssh_host_key -t rsa1 -P ""
/usr/local/ssl/bin/ssh-keygen -b 2048 -f /usr/local/ssl/etc/ssh_host_dsa_key -t dsa -P ""
/usr/local/ssl/bin/ssh-keygen -b 2048 -f /usr/local/ssl/etc/ssh_host_rsa_key -t rsa -P ""
##########################################################################
Build a startscript (/etc/init.d/sshd40)
########################################################################
#!/bin/sh
#
# chkconfig: 345 55 45
# description: sshd (secure shell daemon) is a server part of the ssh suite.
#       Ssh can be used for remote login, remote file copying, TCP port
#       forwarding etc. Ssh offers strong encryption and authentication.
#
# Version 10.05.2004 09:08 (g.waldhausen / Tietoenator AG)
# corrected version: 02.06.2005 11:20
# Source function library.
. /etc/rc.d/init.d/functions
[ -f /etc/sysconfig/sshd ] && . /etc/sysconfig/sshd
RETVAL=0
# Settings
KEYGEN=/usr/local/ssl/bin/ssh-keygen
RSA1_KEY=/usr/local/ssl/etc/ssh_host_key
RSA_KEY=/usr/local/ssl/etc/ssh_host_rsa_key
DSA_KEY=/usr/local/ssl/etc/ssh_host_dsa_key
PID_FILE=/var/run/sshd41.pid
my_success() {
  local msg
  if [ $# -gt 1 ]; then
    msg="$2"
  else
    msg="done"
  fi
  case "`type -type success`" in
    function)
      success "$1"
    ;;
    *)
      echo -n "${msg}"
    ;;
  esac
}
my_failure() {
  local msg
  if [ $# -gt 1 ]; then
    msg="$2"
  else
    msg="FAILED"
  fi
  case "`type -type failure`" in
    function)
      failure "$1"
    ;;
    *)
      echo -n "${msg}"
    ;;
  esac
}
do_rsa1_keygen() {
        if ! test -f $RSA1_KEY ; then
                echo -n "Generating SSH1 RSA host key: "
                if $KEYGEN -q -t rsa1 -f $RSA1_KEY -C '' -N '' >&/dev/null; then
                        my_success "RSA1 key generation"
                        echo
                else
                        my_failure "RSA1 key generation"
                        echo
                        exit 1
                fi
        fi
}
do_rsa_keygen() {
        if ! test -f $RSA_KEY ; then
                echo -n "Generating SSH2 RSA host key: "
                if $KEYGEN -q -t rsa -f $RSA_KEY -C '' -N '' >&/dev/null; then
                        my_success "RSA key generation"
                        echo
                else
                        my_failure "RSA key generation"
                        echo
                        exit 1
                fi
        fi
}
do_dsa_keygen() {
        if ! test -f $DSA_KEY ; then
                echo -n "Generating SSH2 DSA host key: "
                if $KEYGEN -q -t dsa -f $DSA_KEY -C '' -N '' >&/dev/null; then
                        my_success "DSA key generation"
                        echo
                else
                        my_failure "DSA key generation"
                        echo
                        exit 1
                fi
        fi
}
############################################################
# Setting changed by g.waldhausen (Inveos CTH GmbH)
############################################################
case "$1" in
        start)
                echo -n "Starting sshd41: "
                if test -r /var/run/sshd41.pid && kill -0 `cat /var/run/sshd41.pid`
#                       then echo "already running according to /var/run/sshd41.pid. Not started."
#                       my_failure "sshd startup" ""
                        then my_failure "sshd startup" ""
                        echo ""
                        SSHDPIDSUM=$(status sshd)
                        echo ">> "${SSHDPIDSUM}" <<"
                else /usr/local/ssl/sbin/sshd -f /usr/local/ssl/etc/sshd_config -g 360
                        my_success "sshd startup" "sshd"
                        echo ""
                fi
                        touch /var/lock/subsys/sshd41
                ;;
        stop)
                if test -r /var/run/sshd41.pid && kill -0 `cat /var/run/sshd41.pid`
                        then [ -f /var/run/sshd41.pid ] || exit 0
                        kill -TERM `cat /var/run/sshd41.pid`
                        rm -f /var/run/sshd41.pid
                        rm -f /var/lock/subsys/sshd41
                        my_success "sshd stopping" "sshd"
                        echo "Stopped sshd41:"
                else
                        my_failure "sshd startup" ""
                        echo "Stopping sshd41:"
                fi
                ;;
  restart)
        $0 stop
        $0 start
        ;;
  status)
        status sshd
        ;;
  *)
        echo "Usage: $0 {start|stop|restart|status}"
        exit 1
esac
exit 0
########################################################################
Set attributes and runlevel:
##################################
chmod 0755 /etc/init.d/sshd40
chkconfig --level 2345 sshd40 on
chkconfig --level 2345 sshd off
##################################
.........
Now the Failure:
Jun  2 11:33:06 linuxtest sshd[24819]: Accepted password for root from ::ffff:192.168.8.14 port 2477 ssh2
Jun  2 11:33:06 linuxtest sshd[24819]: subsystem request for sftp
Jun  2 12:08:28 linuxtest xinetd[13075]: START: telnet pid=9693 from=192.168.8.14
Jun  2 12:13:57 linuxtest sshd[2865]: Received signal 15; terminating.
Jun  2 12:23:20 linuxtest sshd[9905]: Server listening on :: port 22.
Jun  2 12:23:20 linuxtest sshd[9905]: error: Bind to port 22 on 0.0.0.0 failed: Address already in use.
Jun  2 12:25:01 linuxtest sshd[9908]: Accepted password for root from ::ffff:192.168.8.14 port 2909 ssh2
Jun  2 12:25:01 linuxtest sshd[9908]: subsystem request for sftp
Jun  2 12:37:13 linuxtest sshd[9905]: Received signal 15; terminating.
...........
What am I doing wrong?????
Please help.
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.
bugzilla-daemon at mindrot.org
2005-Jun-02  12:53 UTC
[Bug 1051] error: Bind to port 22 on 0.0.0.0 failed: Address already in use.
http://bugzilla.mindrot.org/show_bug.cgi?id=1051
djm at mindrot.org changed:
           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|NEW                         |RESOLVED
         Resolution|                            |INVALID
------- Additional Comments From djm at mindrot.org  2005-06-02 22:53 -------
> What am I doing wrong?????
Apart from posting support requests to a bug tracking system and ignoring the
request not to post long traces into the comments field, you haven't killed the
old sshd before starting the new one.
Please seek additional support on a mailing list (e.g.
secureshell at securityfocus.com) - bug tracking systems are intended to manage
bugs, not assist users.
bugzilla-daemon at mindrot.org
2005-Jun-02  13:04 UTC
[Bug 1051] error: Bind to port 22 on 0.0.0.0 failed: Address already in use.
http://bugzilla.mindrot.org/show_bug.cgi?id=1051
------- Additional Comments From dtucker at zip.com.au  2005-06-02 23:04 -------
djm beat me to it, but for the record:
(In reply to comment #0)
> What am I doing wrong?????
1) Not describing your problem. What did it do, and what did you expect it to
do instead?
2) posting large quantities of debug information in the comment field of the bug
(this makes the bugs difficult to read) rather than using attachments.
If all you're worrying about is the "Bind to port 22 on 0.0.0.0 failed:
Address already in use." message then that is normal on Linux: you can't bind to
the same port on both IPv4 and IPv6. This can be trivially prevented by putting
either "AddressFamily inet" or "AddressFamily inet6" into your sshd_config,
depending on your requirements.
bugzilla-daemon at mindrot.org
2005-Jun-02  13:13 UTC
[Bug 1051] error: Bind to port 22 on 0.0.0.0 failed: Address already in use.
http://bugzilla.mindrot.org/show_bug.cgi?id=1051
------- Additional Comments From gero.waldhausen at tietoenator.com  2005-06-02 23:13 -------
(In reply to comment #1)
> > What am I doing wrong?????
> Apart from posting support requests to a bug tracking system and ignoring the
> request not to post long traces into the comments field, you haven't killed the
> old sshd before starting the new one.
> Please seek additional support on a mailing list (e.g.
> secureshell at securityfocus.com) - bug tracking systems are intended to manage
> bugs, not assist users.
Surely I stopped all sshd sessions!!! When I tried to start the sshd40-daemon
all looks fine, but when trying to connect nobody is able to connect via ssh to
that server. If I compile it the same way with openssh-3.9p1.tar.gz everything
is OK.
So please tell me what am I doing wrong???
bugzilla-daemon at mindrot.org
2005-Jun-02  13:15 UTC
[Bug 1051] error: Bind to port 22 on 0.0.0.0 failed: Address already in use.
http://bugzilla.mindrot.org/show_bug.cgi?id=1051
------- Additional Comments From gero.waldhausen at tietoenator.com  2005-06-02 23:15 -------
(In reply to comment #2)
> djm beat me to it, but for the record:
> (In reply to comment #0)
> > What am I doing wrong?????
> 1) Not describing your problem. What did it do, and what did you expect it to
> do instead?
> 2) posting large quantities of debug information in the comment field of the bug
> (this makes the bugs difficult to read) rather than using attachments.
> If all you're worrying about is the "Bind to port 22 on 0.0.0.0 failed:
> Address already in use." message then that is normal on Linux: you can't bind to
> the same port on both IPv4 and IPv6. This can be trivially prevented by putting
> either "AddressFamily inet" or "AddressFamily inet6" into your sshd_config,
> depending on your requirements.
So what have I got to do if I decided to take "AddressFamily inet"???
bugzilla-daemon at mindrot.org
2005-Jun-02  13:41 UTC
[Bug 1051] error: Bind to port 22 on 0.0.0.0 failed: Address already in use.
http://bugzilla.mindrot.org/show_bug.cgi?id=1051
------- Additional Comments From dtucker at zip.com.au  2005-06-02 23:41 -------
(In reply to comment #4)
> So what have I got to do if decided to take "AddressFamily inet"???
If you need only IPv4 connections, use "inet". If you need 4 and 6 connections
then use "inet6". Put it into your sshd_config and restart sshd. All it's going
to do is prevent the warning in the logfile, though.
If you haven't already you might want to read the sshd_config(5) man page.
I don't think those logs are from 4.1p1 either: it will normalize the 4-in-6
mapped addresses so the entries will look like "from 192.168.8.14" not "from
::ffff:192.168.8.14".
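
The bind warning and the "::ffff:" log addresses discussed in this thread can be reproduced at the socket level. The following is an added example, not part of the bug thread and not OpenSSH code: it listens on "::" and then tries "0.0.0.0" on the same port, with and without IPV6_V6ONLY, and shows how an IPv4 client appears to a dual-stack listener. Assumptions: Linux, a usable loopback interface, hypothetical function names, and IPV6_V6ONLY set explicitly so the result does not depend on the net.ipv6.bindv6only sysctl.

```python
import errno
import ipaddress
import socket

def normalize_peer(addr):
    """Return the dotted IPv4 form of an IPv4-mapped IPv6 address, else addr."""
    mapped = getattr(ipaddress.ip_address(addr), "ipv4_mapped", None)
    return str(mapped) if mapped else addr

def listener(family, addr, port, v6only=None):
    """socket + bind + listen for one listen address, as a daemon would."""
    s = socket.socket(family, socket.SOCK_STREAM)
    try:
        if v6only is not None:
            s.setsockopt(socket.IPPROTO_IPV6, socket.IPV6_V6ONLY, int(v6only))
        s.bind((addr, port))
        s.listen(5)
    except OSError:
        s.close()
        raise
    return s

def bind_both(v6only):
    """Listen on :: first, then try 0.0.0.0 on the same port."""
    v6 = listener(socket.AF_INET6, "::", 0, v6only)  # port 0: kernel picks one
    try:
        listener(socket.AF_INET, "0.0.0.0", v6.getsockname()[1]).close()
        return "ok"
    except OSError as e:
        return errno.errorcode.get(e.errno, str(e.errno))
    finally:
        v6.close()

def mapped_peer():
    """IPv4 client to a dual-stack listener: (peer as accepted, normalized)."""
    with listener(socket.AF_INET6, "::", 0, v6only=False) as srv:
        port = srv.getsockname()[1]
        with socket.create_connection(("127.0.0.1", port), timeout=2):
            conn, peer = srv.accept()
            conn.close()
    return peer[0], normalize_peer(peer[0])

def demo():  # returns None if IPv6 or loopback is unusable on this host
    try:
        return bind_both(False), bind_both(True), mapped_peer()
    except OSError:
        return None

if __name__ == "__main__":
    print(demo())
```

With the dual-stack socket the IPv4 bind is refused but IPv4 clients are still served through the "::" listener, which is why the warning in the log is harmless on its own.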