50

I'm not sure why it isn't starting or why its preventing me from connecting, i get this error:

sshd.service - OpenSSH Daemon
    Loaded: loaded (/usr/lib/systemd/system/sshd.service; enabled)
   Active: failed (Result: start-limit) since Wed 2013-09-11 08:45:13 BST; 1min 21s ago
  Process: 701 ExecStart=/usr/bin/sshd -D (code=exited, status=1/FAILURE)

Sep 11 08:45:13 alarmpi systemd[1]: sshd.service: main process exited, code=exited, status=1/FAILURE
Sep 11 08:45:13 alarmpi systemd[1]: Unit sshd.service entered failed state.
Sep 11 08:45:13 alarmpi systemd[1]: sshd.service holdoff time over, scheduling restart.
Sep 11 08:45:13 alarmpi systemd[1]: Stopping OpenSSH Daemon...
Sep 11 08:45:13 alarmpi systemd[1]: Starting OpenSSH Daemon...
Sep 11 08:45:13 alarmpi systemd[1]: sshd.service start request repeated too quickly,    refusing to start.
Sep 11 08:45:13 alarmpi systemd[1]: Failed to start OpenSSH Daemon.
Sep 11 08:45:13 alarmpi systemd[1]: Unit sshd.service entered failed state.

On the advice of #amrith I ran sshd -t which indicated that the key had not been generate . I generated this using ssh-keygen -A on the advice given in this forum then running systemctl status showed that I am still not running the Daemon. I've attached the error below, sadly I don't know ho Re-running sshd -t gives no messages now. 

sshd.service - OpenSSH Daemon
   Loaded: loaded (/usr/lib/systemd/system/sshd.service; enabled)
   Active: inactive (dead)

Sep 11 12:04:42 alarmpi systemd[1]: Started OpenSSH Daemon.
Sep 11 12:04:42 alarmpi sshd[289]: fatal: Cannot bind any address.
Sep 11 12:04:42 alarmpi systemd[1]: sshd.service: main process exited, code=exited, status=255/n/a
Sep 11 12:04:42 alarmpi systemd[1]: Unit sshd.service entered failed state.
Sep 11 12:04:42 alarmpi systemd[1]: sshd.service holdoff time over, scheduling restart.
Sep 11 12:04:42 alarmpi systemd[1]: Stopping OpenSSH Daemon...
Sep 11 12:04:42 alarmpi systemd[1]: Starting OpenSSH Daemon...
Sep 11 12:04:42 alarmpi systemd[1]: sshd.service start request repeated too quickly, refusing to start.
Sep 11 12:04:42 alarmpi systemd[1]: Failed to start OpenSSH Daemon.
Sep 11 12:04:42 alarmpi systemd[1]: Unit sshd.service entered failed state.
Improve this question

9 Answers 9

Reset to default
65

Try the sshd test mode. It may point you to a reason for failure:

$ sshd -t

Refer to the test mode documentation here.

Improve this answer
2
  • Great. I accidentally uninstalled openssh-server and was unaware of that.. sshd command not found got me to know that ..
    – Rick
    Commented Jun 27, 2022 at 14:37
  • I didn't know how much more useful information you get by the test mode as compared to what's written in the journal. This gave me the exact line of the configuration files he didn't like and fixing those solved the problem. Thanks.
    – Andyc
    Commented Jan 26 at 13:18
19

The problem, in our case was that we use a non-standard port for SSH. SELinux can restrict which ports are able to be used by a service. Apparently it gets confused sometimes and forgets that we had allowed that port?

We had to issue the following command to add our port (22222) to the list of available ports

semanage port -a -t ssh_port_t -p tcp 22222

Reference: http://sharadchhetri.com/2014/10/15/centos-7-rhel-7-change-openssh-port-number-selinux-enabled/

Improve this answer
0
15

Well if you change the SSH port number you have to do some more things in CentOS 7.

Change SSH port editing ssdh_config file

vi /etc/ssh/sshd_config

For example change to: Port 2323

SELINUX only allow port 22 for ssh. Add new port context 2323. If you have't installed do the following

yum -y install policycoreutils-python
semanage port -a -t ssh_port_t -p tcp 2323

Check the port context for ssh

semanage port -l | grep ssh

Restart SSHD service

systemctl restart sshd.service

Add the port to firewall

firewall-cmd --permanent --zone=public --add-port=2323/tcp

Reload firewall

firewall-cmd --reload

Check listening

ss -tnlp|grep ssh

Try connecting again trough ssh

ssh root@<ipaddr> -p 2323
Improve this answer
5

I also had this problem but solved it. My configuration is below.

PermitRootLogin no
port 22
MaxAuthTries 3
MaxSessions 2
AllowUsers ravikanth
AddressFamily any
ListenAddress 192.168.1.23

The service failed to start so I have just commented out the last line (#ListenAddress 192.168.1.23) then my server started successfully.

Note: I have turned off firewall (iptables) and SELinux.

Improve this answer
1
  • This fixed it for me too, it looks like my local IP changed. The config file should be at /etc/ssh/sshd_config.
    – nathanfranke
    Commented Mar 9, 2021 at 5:34
4

Just follow this,

mkdir -p /var/run/sshd

and 

/usr/sbin/sshd -ddd

This should fix your issue.

Improve this answer
4
  • 1
    Why should that be a solution for the problem the OP had?
    – HBruijn
    Commented Feb 8, 2019 at 8:37
  • 1
    I have a similar issue in OpenVZ. I followed this was to fix the issue.
    – Aman Juman
    Commented Feb 8, 2019 at 9:23
  • this was helpful.
    – I wrestled a bear once.
    Commented Dec 9, 2019 at 16:16
  • mkdir -p /var/run/sshd was the key if service ssh was not started previously
    – Drakes
    Commented Jun 18, 2021 at 17:11
3

You may want to try using the following setting:

RestartSec=5s

That would force your application to sleep for 5 seconds prior to a restart attempt. You can obviously vary the number of settings.

See here for details:

Improve this answer
2
  • 1
    I upvoted this answer, because it contains useful information about how to fix the issue when the problem is in systemd and not the actual service (sshd in the OP case). I've had services with restart=always fail and not be restarted, several times. This answer might actually solve that issue with systemd. (Eventhough it is not directly related to the OP question).
    – MattBianco
    Commented Jul 24, 2015 at 6:04
  • Still relevant, as well. Thanks. This is helpful across a spectrum of services, especially in a container context.
    – jhchnc
    Commented Jul 24, 2022 at 1:14
1

Cannot bind any address

If it tries to bind to a port (eg. by default: 22) below 1024, it needs root privilege to do that. Did you run service sshd start or something like that as root? Try editing the sshd.conf configuration file, set the bind address to a port greater than 1024 (eg. 1122) and run it as a simple user!

Improve this answer
1

I had the same problem and the easiest solution I came through was to remove openssh and install it again. 

 yum remove openssh

and then:

 yum install openssh openssh-server openssh-clients

then you can start sshd service:

 service sshd start
Improve this answer
-1

I had same problem. Just disabled SELinux!

Improve this answer
1
  • instead of disabling, you can set it to Permissive.
    – AATHITH RAJENDRAN
    Commented Jul 7, 2021 at 7:39

You must log in to answer this question.

Not the answer you're looking for? Browse other questions tagged .