Sshd not starting after upgrade from 2.1.5 to 2.2.1
-
I upgraded from 2.1.5 to 2.2.1 and after doing that I'm unable to start sshd service.
I got the notification:
[ pfSense has started creating missing SSH keys. SSH Startup will be delayed. Please note that reloading the filter rules and changes will be delayed until this operation is completed.]
but even after a while the sshd still can not be started.Does anyone know how to fix this?
Regards.
-
Tried rebooting?
-
Tried rebooting?
After rebooting i'm again receiving the same notification ([ pfSense has started creating missing SSH keys. SSH Startup will be delayed. Please note that reloading the filter rules and changes will be delayed until this operation is completed.]) like new keys are being generated again but the sshd service can't be started.
-
What packages are you running?
-
What packages are you running?
Lightsquid
Open-VM-Tools
OpenVPN Client Export Utility
squid
squidGuard - This one also doesn't work -
Assuming you have a backup, I'd uninstall all the packages and then reboot.
Then restore the configuration IF the problem goes away.
Otherwise, consider a full complete wipe and install.
BTW - Is this a small headless install on a alix or something like that?
-
Assuming you have a backup, I'd uninstall all the packages and then reboot.
Then restore the configuration IF the problem goes away.
Otherwise, consider a full complete wipe and install.
BTW - Is this a small headless install on a alix or something like that?
This is a virtual machine and I also have a snapshot from before the upgrade so I can go back and upgrade again (already tried this several times).
Can you please elaborate on the procedure? Do you want me to go back to 2.1.5, make a backup, upgrade, uninstall all the packages, reboot and then restore the backup from 2.1.5?
-
Well - First of all, this has never happened to me, however, I'm just saying that either removing all the packages and rebooting or doing a clean install with 2.2.1 and then reboot may help (MAY). If it doesn't hang again then restore your configuration from backup and see what happens.
-
There were several problems with the upgrade and in case someone else has them this is how I got them fixed.
-squid would not start. This could be fixed by adding following lines:
ln -s /usr/lib/libssl.so.7 /usr/lib/libssl.so.6
ln -s /lib/libcrypto.so.7 /lib/libcrypto.so.6
ln -s /lib/libz.so.6 /lib/libz.so.5-sshd would not start with the error I described earlier
-squid guard would not startSo since there was no way to fix the upgraded installation I did a fresh install of pfsense 2.2.1 and then imported the backup done on the 2.1.5 system. After that the new system works well and all the services are running normally.
-
No no no no no… please stop producing similar broken symlinks.
-
No no no no no… please stop producing similar broken symlinks.
Not sure what you mean but the only way for me to start the squid after the upgrade was to add those symlinks.
When I did a clean install there was no such problem. -
When I did a clean install there was no such problem.
Yes. And that is exactly why it's a bad idea. These manual hacks get forgotten and cause breakage later on. (Especially with the PBI packaging junk.)
-
This is a virtual machine and I also have a snapshot from before the upgrade so I can go back and upgrade again (already tried this several times).
Can you please elaborate on the procedure? Do you want me to go back to 2.1.5, make a backup, upgrade, uninstall all the packages, reboot and then restore the backup from 2.1.5?
I'm also running a couple of pfSense instances as VMs.
I never upgrade in-place. I'm always just taking a config backup of the running pfSense, creating a brand new virtual machine with the same parameters (similar NICs in the same networks), doing a completely fresh install from scratch with the new version, adding a temporary IP address to the LAN port just to access the default web interface, restore the config taken from the previous version. While it reboots, I just disconnect the NICs of the old VM from the network, and have the new one running in place of it.
This way, I have an instantly running copy of pfSense running the previous version, no more than a NIC connection away.
PS: I'm also running NanoBSD images in virtual machines, just to be on the paranoid side, but that's just my problem LOL.
-
This is a virtual machine and I also have a snapshot from before the upgrade so I can go back and upgrade again (already tried this several times).
Can you please elaborate on the procedure? Do you want me to go back to 2.1.5, make a backup, upgrade, uninstall all the packages, reboot and then restore the backup from 2.1.5?
I'm also running a couple of pfSense instances as VMs.
I never upgrade in-place. I'm always just taking a config backup of the running pfSense, creating a brand new virtual machine with the same parameters (similar NICs in the same networks), doing a completely fresh install from scratch with the new version, adding a temporary IP address to the LAN port just to access the default web interface, restore the config taken from the previous version. While it reboots, I just disconnect the NICs of the old VM from the network, and have the new one running in place of it.
This way, I have an instantly running copy of pfSense running the previous version, no more than a NIC connection away.
Yes, that's exactly what I ended up doing. :)
