Proxmox 7 - LXC SSH Root login not working

Thanks all for this post, took me a while to solve this one, especially as the Debian 10 Buster containers I upgraded past months didn't have this problem. It first occurred when building a Debian 11 Bullseye from scratch.
jfp said:
Just adding to the thread, as this fixed my issue.
However this is the wrong way to reconfigure systemd services, those changes will be overridden by an apt update.

You should use the systemd override file instead:

systemctl edit ssh.socket
#or
mkdir -p /etc/systemd/system/ssh.socket.d/
cat > /etc/systemd/system/ssh.socket.d/override.conf << EOF
[Socket]
ListenStream=12345
EOF
systemctl daemon-reload
systemctl restart ssh.socket

and the same for the sshd server config

mkdir -p /etc/ssh/sshd_config.d/
cat > /etc/ssh/sshd_config.d/sshd-override.conf << EOF
Port 12345
EOF
Click to expand...
Small improvement:
Because ListenStream can be defined multiple times in a socket service file, the custom value as described in the previous port will be added to the list of ip ports systemd listens on. So in above configuration systemd listens on both 22 and 12345. To replace the ip port the ListenStream parameter must first be cleared and then defined:
Code: 
[Socket]
ListenStream=
ListenStream=12345
 
Last edited:
  • Like
Reactions: Pedulla and dienteperro
The following did the trick for Buster and Bullseye (Debian 10 and 11):
Bash: 
# https://github.com/tteck/Proxmox/discussions/385
sed -e 's/#PermitRootLogin prohibit-password/PermitRootLogin Yes/g' -i /etc/ssh/sshd_config
systemctl restart sshd
 
I realize that I am late to the party, but this socket behavior can be overriden simply by stopping the ssh.socket and then disabling it. Then the sshd_config and ssh.service will act normal. (Proxmox7.4, Debian 11 (Bullseye) LXC container)

# systemctl stop ssh.socket
# systemctl disable ssh.socket
# reboot

# systemctl status ssh
* ssh.service - OpenBSD Secure Shell server
Loaded: loaded (/lib/systemd/system/ssh.service; enabled; vendor preset: enabled)
Active: active (running) since Sun 2023-05-07 17:36:37 CDT; 8min ago
Docs: man:sshd(8)
man:sshd_config(5)
Process: 133 ExecStartPre=/usr/sbin/sshd -t (code=exited, status=0/SUCCESS)
Main PID: 138 (sshd)
Tasks: 1 (limit: 173946)
Memory: 4.9M
CPU: 71ms
CGroup: /system.slice/ssh.service
`-138 sshd: /usr/sbin/sshd -D [listener] 0 of 10-100 startups

May 07 17:36:37 nvr systemd[1]: Starting OpenBSD Secure Shell server...
May 07 17:36:37 nvr sshd[138]: Server listening on 0.0.0.0 port 7022.
May 07 17:36:37 nvr sshd[138]: Server listening on :: port 7022.
May 07 17:36:37 nvr systemd[1]: Started OpenBSD Secure Shell server.
 
ratr said:
Try this:

Bash: 
systemctl mask ssh.socket
systemctl mask sshd.socket

systemctl disable sshd
systemctl enable ssh

reboot
Click to expand...
This was the right solution.
Problem: SSHD does not start on boot /it can be started manually after boot/
System: LXC ubuntu-22.04-standart
I think this CT Template should be updated.
 
ratr said:
Try this:

Bash: 
systemctl mask ssh.socket
systemctl mask sshd.socket

systemctl disable sshd
systemctl enable ssh

reboot
Click to expand...
ProxMox 8
LXC Ubuntu Server 22.04.4 LTS

Thank you friends, I was looking for a solution for a long time, it helped me!
 
You must log in or register to reply here.

About

The Proxmox community has been around for many years and offers help and support for Proxmox VE, Proxmox Backup Server, and Proxmox Mail Gateway.
We think our community is one of the best thanks to people like you!

Quick Navigation

Home Get Subscription Wiki Downloads Proxmox Customer Portal About

Get your subscription!

The Proxmox team works very hard to make sure you are running the best software and getting stable updates and security enhancements, as well as quick enterprise support. Tens of thousands of happy customers have a Proxmox subscription. Get yours easily in our online shop.

Buy now!
Community platform by XenForo® © 2010-2024 XenForo Ltd.
Top Bottom
Back