From nobody Wed May 25 00:55:39 2022 X-Original-To: questions@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 48D871B46C16 for ; Wed, 25 May 2022 00:55:47 +0000 (UTC) (envelope-from paul@ifdnrg.com) Received: from smtp-01.ifdnrg.com (smtp-01.ifdnrg.com [193.200.99.57]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (2048 bits) client-digest SHA256) (Client CN "smtp-01.ifdnrg.com", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4L7CKt275zz4RcN for ; Wed, 25 May 2022 00:55:46 +0000 (UTC) (envelope-from paul@ifdnrg.com) Received: from outbound.ifdnrg.com (outbound.ifdnrg.com [193.200.98.22]) by smtp-01.ifdnrg.com (8.17.1/8.15.2) with ESMTPS id 24P0taAE086659 (version=TLSv1.3 cipher=TLS_AES_256_GCM_SHA384 bits=256 verify=FAIL) for ; Wed, 25 May 2022 01:55:36 +0100 (BST) (envelope-from paul@ifdnrg.com) Received: from [192.168.0.51] (cpc145274-sgyl44-2-0-cust211.18-2.cable.virginm.net [92.236.80.212]) (authenticated bits=0) by outbound.ifdnrg.com (8.17.1/8.16.1) with ESMTPSA id 24P0tXR6096649 (version=TLSv1.3 cipher=TLS_AES_128_GCM_SHA256 bits=128 verify=NO) for ; Wed, 25 May 2022 01:55:34 +0100 (BST) (envelope-from paul@ifdnrg.com) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=ifdnrg.com; s=ifdnrg-default; t=1653440134; bh=F4kEiHotr8wJitvJeWXgDPFBASbrpXDFGRmXUa5ZViM=; h=Date:To:From:Subject; b=RNEGAb6ce6t3hU5NzYXGwCVtF26eQYiJIPuoLIp74UYXpR6gVtBVywfue7J03a/4/ dCGe9rXoswvK0NrrlOOAE66F0+5oQHiiJeuBjh/vdgk1eNGDlk9qxPz/pTYBvYc0hv 2mJDS6brZecCf+/yS6/80YajVbGviA6+5xQtaMh0uWjzwABoLTX1qmYDEZMKFrJznd Fh7kVbVp0UkVkYOvBB4r1R6CYIGWaBZS/qwggpX3R+1U9sJJVnSIs364prIhVeFp0B GzIM8Zw1QBaQhmG3wqMYn3wzn1iQcvc1cqEn+IWGruZQmcmd5n7V6so95a3cKNhGb2 2C8HNNhuCQ5EQ== Content-Type: multipart/alternative; boundary="------------Ccexv5A2GDPWiur8yqgZrRbL" Message-ID: Date: Wed, 25 May 2022 01:55:39 +0100 List-Id: User questions List-Archive: https://lists.freebsd.org/archives/freebsd-questions List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-freebsd-questions@freebsd.org X-BeenThere: freebsd-questions@freebsd.org MIME-Version: 1.0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:91.0) Gecko/20100101 Thunderbird/91.9.0 To: questions@freebsd.org From: Paul Macdonald Subject: Warning for 13.1 upgrades, SSH restart required before you close session post upgrade X-Rspamd-Queue-Id: 4L7CKt275zz4RcN X-Spamd-Bar: --- Authentication-Results: mx1.freebsd.org; dkim=pass header.d=ifdnrg.com header.s=ifdnrg-default header.b=RNEGAb6c; dmarc=pass (policy=quarantine) header.from=ifdnrg.com; spf=pass (mx1.freebsd.org: domain of paul@ifdnrg.com designates 193.200.99.57 as permitted sender) smtp.mailfrom=paul@ifdnrg.com X-Spamd-Result: default: False [-4.00 / 15.00]; RCVD_VIA_SMTP_AUTH(0.00)[]; ARC_NA(0.00)[]; R_DKIM_ALLOW(-0.20)[ifdnrg.com:s=ifdnrg-default]; FREEFALL_USER(0.00)[paul]; FROM_HAS_DN(0.00)[]; TO_MATCH_ENVRCPT_ALL(0.00)[]; R_SPF_ALLOW(-0.20)[+ip4:193.200.99.0/24]; MIME_GOOD(-0.10)[multipart/alternative,text/plain]; PREVIOUSLY_DELIVERED(0.00)[questions@freebsd.org]; TO_DN_NONE(0.00)[]; RCPT_COUNT_ONE(0.00)[1]; NEURAL_HAM_LONG(-1.00)[-1.000]; RCVD_COUNT_THREE(0.00)[3]; NEURAL_HAM_MEDIUM(-1.00)[-0.998]; DKIM_TRACE(0.00)[ifdnrg.com:+]; DMARC_POLICY_ALLOW(-0.50)[ifdnrg.com,quarantine]; NEURAL_HAM_SHORT(-1.00)[-0.999]; MLMMJ_DEST(0.00)[questions]; FROM_EQ_ENVFROM(0.00)[]; MIME_TRACE(0.00)[0:+,1:+,2:~]; ASN(0.00)[asn:20860, ipnet:193.200.98.0/23, country:GB]; RCVD_TLS_ALL(0.00)[]; MID_RHS_MATCH_FROM(0.00)[]; RECEIVED_SPAMHAUS_PBL(0.00)[92.236.80.212:received] X-ThisMailContainsUnwantedMimeParts: N This is a multi-part message in MIME format. --------------Ccexv5A2GDPWiur8yqgZrRbL Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: 7bit Hi, I've not spotted this in @questions so hopefully this will warn some people After an upgrade to 13.1, and post reboot, you have to restart the SSH daemon in the current session otherwise you'll get locked out. From upgrade notes, which i admit i didn't read /"After upgrading, sshd (from OpenSSH 8.8p1) will not accept new connections until it is restarted. After installing the new userland, either reboot (as specified in the source update procedure), or execute //|service sshd restart|//."/ I would think something as important as this might have warranted more of an alert Paul -- ------------------------- Paul Macdonald IFDNRG Ltd Web and video hosting ------------------------- t: 0131 5548070 m: 07970339546 e:paul@ifdnrg.com w:http://www.ifdnrg.com ------------------------- IFDNRG 40 Maritime Street Edinburgh EH6 6SA ---------------------------------------------------- --------------Ccexv5A2GDPWiur8yqgZrRbL Content-Type: text/html; charset=UTF-8 Content-Transfer-Encoding: 7bit


Hi,

I've not spotted this in @questions so hopefully this will warn some people

After an upgrade to 13.1, and post reboot, you have to restart the SSH daemon in the current session

otherwise you'll get locked out.

From upgrade notes, which i admit i didn't read

"After upgrading, sshd (from OpenSSH 8.8p1) will not accept new connections until it is restarted. After installing the new userland, either reboot (as specified in the source update procedure), or execute service sshd restart."

I would think something as important as this might have warranted more of an alert

Paul



-- 
-------------------------
Paul Macdonald
IFDNRG Ltd
Web and video hosting
-------------------------
t: 0131 5548070
m: 07970339546
e: paul@ifdnrg.com
w: http://www.ifdnrg.com
-------------------------
IFDNRG
40 Maritime Street
Edinburgh
EH6 6SA
----------------------------------------------------
--------------Ccexv5A2GDPWiur8yqgZrRbL--