Skip site navigation (1)Skip section navigation (2) 
Date:      Wed, 25 May 2022 16:21:09 -0400
From:      TIM KELLERS <trkellers@gmail.com>
To:        questions@freebsd.org
Subject:   Re: Warning for 13.1 upgrades, SSH restart required before you close session post upgrade
Message-ID:  <abba7a86-43e5-8301-8205-f31723a1d168@gmail.com>
In-Reply-To: <a24f98a5-0dc2-13e3-089c-b9203af1226e@tinka.africa>
References:  <b3df00ff-1543-d7d9-fb34-ebe1ab5b3cb0@ifdnrg.com> <a24f98a5-0dc2-13e3-089c-b9203af1226e@tinka.africa>
next in thread | previous in thread | raw e-mail | index | archive | help 
<html>
  <head>
    <meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
  </head>
  <body>
    <p>"kex_exchange_identification connection closed by remote host"</p>
    <p><br>
    </p>
    <p>Was the unwelcome response I received after upgrading 1 of 2
      remote instances from 13.0-RELEASE to 13.1-RELEASE</p>
    <p>The other one, same 13.0-RELEASE and security patches as the
      problem child, upgraded with no additional sshd restart.</p>
    <p>I missed the flag about it in the updating, but a remote console
      saved my bacon.</p>
    <p><br>
    </p>
    <p>Tim<br>
    </p>
    <div class="moz-cite-prefix">On 5/25/22 3:37 PM, Mark Tinka wrote:<br>
    </div>
    <blockquote type="cite"
      cite="mid:a24f98a5-0dc2-13e3-089c-b9203af1226e@tinka.africa">
      <meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
      <br>
      <br>
      <div class="moz-cite-prefix">On 5/25/22 02:55, Paul Macdonald
        wrote:<br>
      </div>
      <blockquote type="cite"
        cite="mid:b3df00ff-1543-d7d9-fb34-ebe1ab5b3cb0@ifdnrg.com">
        <meta http-equiv="content-type" content="text/html;
          charset=UTF-8">
        <p><br>
        </p>
        <p>Hi, <br>
        </p>
        <p>I've not spotted this in @questions so hopefully this will
          warn some people</p>
        <p>After an upgrade to 13.1, and post reboot, you have to
          restart the SSH daemon in the current session</p>
        <p>otherwise you'll get locked out.</p>
        <p>From upgrade notes, which i admit i didn't read</p>
        <p><i>"After upgrading, sshd (from OpenSSH 8.8p1) will not
            accept new connections until it is restarted. After
            installing the new userland, either reboot (as specified in
            the source update procedure), or execute </i><i><code>service
              sshd restart</code></i><i>."</i></p>
        <p>I would think something as important as this might have
          warranted more of an alert</p>
      </blockquote>
      <br>
      Yes, this hit me too on a number of boxes. I had to get remote
      hands to reboot the servers. <br>
      <br>
      Wonder how this got missed, but hey, we're human.<br>
      <br>
      Mark.<br>
    </blockquote>
  </body>
</html>

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?abba7a86-43e5-8301-8205-f31723a1d168>