Debian 10(buster) sshd가 올바르게 실행되지 않습니다.

tag-icon tag-icon debian sshd
Debian 10(buster) sshd가 올바르게 실행되지 않습니다.

Debian 10(buster)에서 sshd에 문제가 있습니다. 원격에서 액세스하려고 하면 연결이 자동으로 거부되고 ssh.service를 다시 시작하려고 하면 시간 초과 오류가 표시될 때까지 프로세스가 차단된 상태로 유지됩니다.

sudo /etc/init.d/ssh restart
Restarting ssh (via systemctl): ssh.serviceJob for ssh.service failed because a timeout was exceeded.
See "systemctl status ssh.service" and "journalctl -xe" for details.
 failed!

원격으로 로그인해야 하는 유일한 방법은 다시 설치하는 것입니다 openssh-server(뭐..? 네)

ssh.service 단위는 다음과 같습니다(기본값)

[Unit]
Description=OpenBSD Secure Shell server
Documentation=man:sshd(8) man:sshd_config(5)
After=network.target auditd.service
ConditionPathExists=!/etc/ssh/sshd_not_to_be_run

[Service]
EnvironmentFile=-/etc/default/ssh
ExecStartPre=/usr/sbin/sshd -t
ExecStart=/usr/sbin/sshd -D $SSHD_OPTS
ExecReload=/usr/sbin/sshd -t
ExecReload=/bin/kill -HUP $MAINPID
KillMode=process
Restart=on-failure
RestartPreventExitStatus=255
Type=notify
RuntimeDirectory=sshd
RuntimeDirectoryMode=0755

[Install]
WantedBy=multi-user.target
Alias=sshd.service

/etc/ssh/sshd_config또한 이것은:

#   $OpenBSD: sshd_config,v 1.103 2018/04/09 20:41:22 tj Exp $

# This is the sshd server system-wide configuration file.  See
# sshd_config(5) for more information.

# This sshd was compiled with PATH=/usr/bin:/bin:/usr/sbin:/sbin

# The strategy used for options in the default sshd_config shipped with
# OpenSSH is to specify options with their default value where
# possible, but leave them commented.  Uncommented options override the
# default value.

Port 22
AddressFamily any
ListenAddress 0.0.0.0
#ListenAddress ::

#HostKey /etc/ssh/ssh_host_rsa_key
#HostKey /etc/ssh/ssh_host_ecdsa_key
#HostKey /etc/ssh/ssh_host_ed25519_key

# Ciphers and keying
#RekeyLimit default none

# Logging
#SyslogFacility AUTH
#LogLevel INFO

# Authentication:

#LoginGraceTime 2m
PermitRootLogin yes
#StrictModes yes
#MaxAuthTries 6
#MaxSessions 10

PubkeyAuthentication yes

# Expect .ssh/authorized_keys2 to be disregarded by default in future.
#AuthorizedKeysFile .ssh/authorized_keys .ssh/authorized_keys2

#AuthorizedPrincipalsFile none

#AuthorizedKeysCommand none
#AuthorizedKeysCommandUser nobody

# For this to work you will also need host keys in /etc/ssh/ssh_known_hosts
#HostbasedAuthentication no
# Change to yes if you don't trust ~/.ssh/known_hosts for
# HostbasedAuthentication
#IgnoreUserKnownHosts no
# Don't read the user's ~/.rhosts and ~/.shosts files
#IgnoreRhosts yes

# To disable tunneled clear text passwords, change to no here!
#PasswordAuthentication yes
#PermitEmptyPasswords no

# Change to yes to enable challenge-response passwords (beware issues with
# some PAM modules and threads)
ChallengeResponseAuthentication no

# Kerberos options
#KerberosAuthentication no
#KerberosOrLocalPasswd yes
#KerberosTicketCleanup yes
#KerberosGetAFSToken no

# GSSAPI options
#GSSAPIAuthentication no
#GSSAPICleanupCredentials yes
#GSSAPIStrictAcceptorCheck yes
#GSSAPIKeyExchange no

# Set this to 'yes' to enable PAM authentication, account processing,
# and session processing. If this is enabled, PAM authentication will
# be allowed through the ChallengeResponseAuthentication and
# PasswordAuthentication.  Depending on your PAM configuration,
# PAM authentication via ChallengeResponseAuthentication may bypass
# the setting of "PermitRootLogin without-password".
# If you just want the PAM account and session checks to run without
# PAM authentication, then enable this but set PasswordAuthentication
# and ChallengeResponseAuthentication to 'no'.
UsePAM yes

#AllowAgentForwarding yes
#AllowTcpForwarding yes
#GatewayPorts no
X11Forwarding yes
#X11DisplayOffset 10
#X11UseLocalhost yes
#PermitTTY yes
PrintMotd no
#PrintLastLog yes
#TCPKeepAlive yes
#PermitUserEnvironment no
#Compression delayed
#ClientAliveInterval 0
#ClientAliveCountMax 3
#UseDNS no
#PidFile /var/run/sshd.pid
#MaxStartups 10:30:100
#PermitTunnel no
#ChrootDirectory none
#VersionAddendum none

# no default banner path
#Banner none

# Allow client to pass locale environment variables
AcceptEnv LANG LC_*

# override default of no subsystems
#Subsystem  sftp    /usr/lib/openssh/sftp-server

# Example of overriding settings on a per-user basis
#Match User anoncvs
#   X11Forwarding no
#   AllowTcpForwarding no
#   PermitTTY no
#   ForceCommand cvs server

여기서 무슨 일이 일어나고 있는 걸까요?

업데이트 #1:

이것이 journalctl -xe출력 이다

Feb 14 08:23:04 arm systemd[1]: systemd-fsckd.service: Succeeded.
-- Subject: Unit succeeded
-- Defined-By: systemd
-- Support: https://www.debian.org/support
--
-- The unit systemd-fsckd.service has successfully entered the 'dead' state.
Feb 14 08:23:05 arm systemd[1]: apt-daily-upgrade.service: Succeeded.
-- Subject: Unit succeeded
-- Defined-By: systemd
-- Support: https://www.debian.org/support
--
-- The unit apt-daily-upgrade.service has successfully entered the 'dead' state.
Feb 14 08:23:05 arm systemd[1]: Started Daily apt upgrade and clean activities.
-- Subject: A start job for unit apt-daily-upgrade.service has finished successf
-- Defined-By: systemd
-- Support: https://www.debian.org/support
--
-- A start job for unit apt-daily-upgrade.service has finished successfully.
--
-- The job identifier is 247.
Feb 14 08:23:46 arm sudo[3263]: pam_unix(sudo:auth): authentication failure; log
Feb 14 08:23:50 arm sudo[3263]:      szx : TTY=ttyPS0 ; PWD=/home/szx ; USER=roo
Feb 14 08:23:50 arm sudo[3263]: pam_unix(sudo:session): session opened for user
lines 1141-1163/1163 (END)

출력은 다음과 같습니다 systemctl status ssh.

* ssh.service - OpenBSD Secure Shell server
   Loaded: loaded (/lib/systemd/system/ssh.service; enabled; vendor preset: enab
   Active: activating (start-pre) since Fri 2020-02-14 08:25:35 UTC; 27s ago
     Docs: man:sshd(8)
           man:sshd_config(5)
Cntrl PID: 3268 (sshd)
   CGroup: /system.slice/ssh.service
           `-3268 /usr/sbin/sshd -t

Feb 14 08:25:35 arm systemd[1]: Starting OpenBSD Secure Shell server...
lines 1-10/10 (END)

업데이트 #2:

-t또한 sshd가 여전히 다음 옵션으로 실행되는 것을 확인했습니다 .

ps aux | grep sshd
root      3126  0.0  0.2  11828  4936 ?        Ss   08:39   0:00 /usr/sbin/sshd -t
szx       3156  0.0  0.0   3472  1732 ttyPS0   S+   08:39   0:00 grep sshd

ExecStart나는 이것이 or PreExecReload명령 의 연속성이라고 생각합니다 .ssh.service

업데이트 #3:

실행하면 dpkg-reconfigure openssh-server원격으로 로그인할 수 있지만 서버 세션이 끝날 때까지만 가능합니다. 그래서 dpkg-reconfigure부팅할 때마다 실행해야 합니다...

관련 정보