Re: [OCLUG-Tech] sshd config problem(?)

From: Ross Jordan <rjordan [ at ] numb [ dot ] ca>
To: ed stuckems <edstuckems [ at ] hotmail [ dot ] com>
CC: linux [ at ] lists [ dot ] oclug [ dot ] on [ dot ] ca
Subject: Re: [OCLUG-Tech] sshd config problem(?)
Date: Fri, 9 Jun 2006 10:56:47 -0700

On Fri, Jun 09, 2006 at 05:51:20PM +0000, ed stuckems wrote:
> While looking through my logs the other day, I came across the following in
> my logs ...
>
> sshd[2115]: Server listening on :: port 22.
> sshd[2115]: error: Bind to port 22 on 0.0.0.0 failed: Address already in
> use.
>
> I have three questions:
>
> (1) should this concern me?  My gut says yes but I don't know why.

Maybe ssh was "restarted" without being properly shut down.


Good question! I'll see if I can determine this. BTW, the error seems to coincide with the system restarting. I'll edit the startup script to do a netstat before the sshd command is actually executed.

> (2) why is ssh looking to bind to a port on 0.0.0.0 (why isn't it simply
> looking to bind the port on the legal addresses for the machine, ie those
> that I see when I do ifconfig -a?)

The 0.0.0.0 is often used to mean "bind to all IP addresses I have"
Most machines have at least 2 IPs, an external one and the loopback.
Instead of specifying all IPs, it is often convenient to use the
wildcard IP. You can change this in the sshd config.

> (3) how do I find what app/server/etc has already done the bind of port 22
> to 0.0.0.0?

'netstat -anlp' or 'lsof -i | grep LISTENING'

The commands don't really provide any useful info! It appears that udp and tcp won't list the command line used to start the server. Here are two examples (I assume the second line is an ipv6 address!)

tcp 0 0 0.0.0.0:6000 0.0.0.0:* LISTEN -
tcp 0 0 :::22 :::* LISTEN -

The lsof command yields no results either.

So from my very limited understanding of what's happening, my working theory is that the ipv6 address binds to port 22 first and when the attempt to bind port 22 to the ipv4 address comes along, the system generates an error because the port is in use. Is the working theory in any way probable?


-Ross
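
The bind order discussed in this thread can be reproduced without touching sshd. The following is an added example, not part of the original messages: on Linux with the default net.ipv6.bindv6only=0, a socket bound to :: without IPV6_V6ONLY also covers IPv4, so a later bind of 0.0.0.0 on the same port fails with "Address already in use". The function name and the use of a kernel-chosen port instead of 22 are assumptions of this sketch.

```python
import errno
import socket


def bind_v4_after_v6(v6only):
    """Bind [::]:P with IPV6_V6ONLY=v6only, then try to bind 0.0.0.0:P.

    Returns "ok" if the IPv4 bind succeeds, "EADDRINUSE" if the IPv6
    socket already holds the port for IPv4 too, None if IPv6 is unusable.
    """
    try:
        s6 = socket.socket(socket.AF_INET6, socket.SOCK_STREAM)
    except OSError:
        return None  # no IPv6 support in this kernel
    s4 = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    try:
        try:
            # 0 = dual-stack: the :: socket also takes IPv4 connections
            s6.setsockopt(socket.IPPROTO_IPV6, socket.IPV6_V6ONLY, int(v6only))
            s6.bind(("::", 0))  # port 0: kernel picks a free port (not 22)
            s6.listen(1)
        except OSError:
            return None  # IPv6 compiled in but disabled on this host
        port = s6.getsockname()[1]
        try:
            s4.bind(("0.0.0.0", port))  # the bind that failed in the log
        except OSError as exc:
            if exc.errno != errno.EADDRINUSE:
                raise
            return "EADDRINUSE"
        return "ok"
    finally:
        s4.close()
        s6.close()


if __name__ == "__main__":
    print("dual-stack ::  then 0.0.0.0 ->", bind_v4_after_v6(False))
    print("v6-only    ::  then 0.0.0.0 ->", bind_v4_after_v6(True))
```

With IPV6_V6ONLY set on the :: socket, the IPv4 wildcard bind on the same port succeeds, which is why the two listeners can coexist when the IPv6 one is restricted to IPv6.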
