Bug 1768712

If I understand it right, this behavior is consistent with what was in RHEL7 -- if you configure SSHD to listen on non-default address, you need to modify also the service file (by providing a drop-in configuration) to reflect this.

We certainly do not want to have this by default, since it would needlessly delay the sshd startup (and slow down boot time) on all the other systems, which use defaults.

The correct solution is to add the network-online.target to your service file as described in bug#1352214#c11. This particular solution is described in the RHEL7 docs:

https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/7/html/system_administrators_guide/s1-ssh-configuration

I tried to find the same reference in the RHEL8 docs, but I did not find it so I think this needs to be added, as this still applies. Mirek?

(In reply to Jakub Jelen from comment #1)
> The correct solution is to add the network-online.target to your service
> file as described in bug#1352214#c11. This particular solution is described
> in the RHEL7 docs:
> 
> https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/7/
> html/system_administrators_guide/s1-ssh-configuration
> 
> I tried to find the same reference in the RHEL8 docs, but I did not find it
> so I think this needs to be added, as this still applies. Mirek?

This should be the section you are looking for:
https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/securing_networks/assembly_using-secure-communications-with-openssh-securing-networks#Starting-OpenSSH-server_configuring-and-managing-security

Thank you for the pointer. Then it is non-bug, but documented behavior of the customer configuration.