search

gsauthof / dracut-sshd

Provide SSH access to initramfs early user space on Fedora and other systems that use Dracut
219 stars 31 forks source link

Missing subprocess files (arch linux, just after updating ssh) #80

Closed koraa closed 1 day ago

koraa commented 4 weeks ago

I had to add the following files to make my dracut config work again:

FILES=(
  /usr/lib/ssh/ssh-keysign
  /usr/lib/ssh/ssh-pkcs11-helper
  /usr/lib/ssh/ssh-sk-helper
  /usr/lib/ssh/sftp-server
  /usr/lib/ssh/sshd-session
)

This issue started to appear right after a system upgrade involving ssh.

I am using an arch based system, using the following AUR package to install this project:

https://aur.archlinux.org/packages/dracut-sshd-git

I don't know which files need to be added; my sshd complained about missing sshd-session at the very least. I just included the entire /usr/lib/ssh/ directory.

I suppose this might be the root cause behind #78 and #79.

Thanks for creating this project!

cheers karolin

koraa commented 4 weeks ago

Actually, this probably is fixed by #79 and might be the root cause of #78

ellisonpatterson commented 3 weeks ago

Actually, this probably is fixed by #79 and might be the root cause of #78

The PR I made MIGHT fixes the issue, we ONLY need sshd-session to simply connect via SSH (did not test SFTP).

The concern is that the devs will split sshd-session up even more so with future releases, I'm wondering if we should just include ANY file prefixed with sshd* and, like you have said, those other files as well.

ellisonpatterson commented 3 weeks ago

I didn't know that ARCH installs those files to /usr/lib(64)/ssh since Gentoo throws them in /usr/lib(64)/misc, so the PR won't account for the issue for ARCH installations.

ellisonpatterson commented 3 weeks ago

@koraa An immediate fix though would be to do this: Make a file called /etc/dracut.conf.d/openssh.conf and put the following contents in it: install_optional_items+=" /usr/lib/ssh/sshd-session /usr/lib/ssh/ssh-pkcs11-helper /usr/lib/ssh/ssh-sk-helper /usr/lib/ssh/sftp-server "

Then rebuild the initramfs.

I don't know dracut that much, so idk where that FILES variable is defined, so forgive me for my ignorance!

That should then at least work no matter what for ARCH.

gsauthof commented 2 weeks ago

Thank you for reporting this!

I wasn't aware of this sshd development!

FWIW, Fedora Rawhide is still at openssh 9.6.p1, currently.

I'll take a look at the linked pull request.