13

Suppose that you issue apt-get upgrade from an ssh session and one of the packages to be upgraded is openssh-server.

Is the new sshd process restarted after the upgrade? If yes how is the session maintained? If not, should I explicitly restart it or is there something I am missing?

kazanaki
  • 170
  • 8
yannisf
  • 577
  • 2
  • 6
  • 15
  • your ssh sessions are detached already from the sshd instance. Upgrading and restarting the instance doesn't affect existing sessions. – Michael Martinez Jan 29 '15 at 00:03

1 Answers1

16

When you connect in something like this happens

[user@an02-east ~]$ ps aux | grep ssh
root     13789  0.0  0.0  98932  3888 ?        Ss   03:16   0:00 sshd: user [priv]
502      13791  0.0  0.0  98932  1740 ?        S    03:17   0:00 sshd: user@pts/0
root     15378  0.0  0.0  64728  1168 ?        Ss   04:13   0:00 /usr/sbin/sshd

So ssh is forking off a new sshd process that has privilege separation. Also if you look at lsof

sshd      16826 user txt       REG                8,3   546680    5247866 /usr/sbin/sshd

You can see it also

So when you upgrade the main server will restart and be upgraded but your current ssh session will stay online. You can even restart ssh server from a ssh session these days without losing your connection.

Mike
  • 22,310
  • 7
  • 56
  • 79
  • 1
    Impressive! I did not know that sshd supports this. Is this for all server implementations? – kazanaki Jan 28 '15 at 12:55
  • 1
    for any recent distro made in the last 10-15 years yes – Mike Jan 28 '15 at 14:11
  • Will this also work if I'm redirecting the X11 output to Putty? For a concrete example, I have a Debian VM with ssh running, and I connect from windows, using Putty, with X11 redirection and I can see the program windows on my Windows machine (using Xming). Will the connection stay up if I do the update? – Ismael Miguel Jan 28 '15 at 18:02
  • @IsmaelMiguel: If you have the sshd running in a VM, why don't you fork the VM and try the ssd upgrade, and report the results back here? – pts Jan 28 '15 at 20:31
  • @pts Sorry my stupidity but I have no idea how to do that. I'm not that great with Linux shell. I've never taken the time to learn it. Just the *very* basic stuff (run commands with arguments) – Ismael Miguel Jan 28 '15 at 20:34
  • You can fork the VM using the UI of your VirtualBox or VMware. Linux shell knowledge is not needed. – pts Jan 28 '15 at 21:05
  • @pts I'm really sorry, but that makes no sense to me. When you say fork, you mean to fork the sourcecode, the process inside the vm or the vm process itself? – Ismael Miguel Jan 28 '15 at 23:26
  • Forking a VM is duplicating the entire VM (disk image and config), so you'll have two VMs in the same state. You can then upgrade OpenSSH in the first VM, see how it behaves, and then discard the VM. In the 2nd VM OpenSSH is still not upgraded, but because of the experimenting with the first VM, you know what will happen if you upgrade. – pts Jan 28 '15 at 23:55