diff --git a/openssh.spec b/openssh.spec
index 35999cb..ecad6bc 100644
--- a/openssh.spec
+++ b/openssh.spec
@@ -47,7 +47,7 @@
 
 # Do not forget to bump pam_ssh_agent_auth release if you rewind the main package release to 1
 %global openssh_ver 9.3p1
-%global openssh_rel 8
+%global openssh_rel 9
 %global pam_ssh_agent_ver 0.10.4
 %global pam_ssh_agent_rel 9
 
@@ -66,6 +66,7 @@ Source5: pam_ssh_agent-rmheaders
 Source6: ssh-keycat.pam
 Source7: sshd.sysconfig
 Source9: sshd@.service
+Source10: sshd.socket
 Source11: sshd.service
 Source12: sshd-keygen@.service
 Source13: sshd-keygen
@@ -573,6 +574,7 @@ install -m644 sshd_config_redhat_cp $RPM_BUILD_ROOT%{_sysconfdir}/ssh/sshd_confi
 install -m644 sshd_config_redhat $RPM_BUILD_ROOT%{_sysconfdir}/ssh/sshd_config.d/50-redhat.conf
 install -d -m755 $RPM_BUILD_ROOT/%{_unitdir}
 install -m644 %{SOURCE9} $RPM_BUILD_ROOT/%{_unitdir}/sshd@.service
+install -m644 %{SOURCE10} $RPM_BUILD_ROOT/%{_unitdir}/sshd.socket
 install -m644 %{SOURCE11} $RPM_BUILD_ROOT/%{_unitdir}/sshd.service
 install -m644 %{SOURCE12} $RPM_BUILD_ROOT/%{_unitdir}/sshd-keygen@.service
 install -m644 %{SOURCE15} $RPM_BUILD_ROOT/%{_unitdir}/sshd-keygen.target
@@ -630,7 +632,7 @@ if [ $1 -gt 1 ]; then
     # OSTree systems) from running.
     touch /var/lib/.ssh-host-keys-migration
 fi
-%systemd_post sshd.service
+%systemd_post sshd.service sshd.socket
 # Migration scriptlet for Fedora 31 and 32 installations to sshd_config
 # drop-in directory (in F32+).
 # Do this only if the file generated by anaconda exists, contains our config
@@ -644,7 +646,7 @@ test -f %{sysconfig_anaconda} && \
   rm %{sysconfig_anaconda} || :
 
 %preun server
-%systemd_preun sshd.service
+%systemd_preun sshd.service sshd.socket
 
 %postun server
 %systemd_postun_with_restart sshd.service
@@ -711,6 +713,7 @@ test -f %{sysconfig_anaconda} && \
 %attr(0640,root,root) %config(noreplace) /etc/sysconfig/sshd
 %attr(0644,root,root) %{_unitdir}/sshd.service
 %attr(0644,root,root) %{_unitdir}/sshd@.service
+%attr(0644,root,root) %{_unitdir}/sshd.socket
 %attr(0644,root,root) %{_unitdir}/sshd-keygen@.service
 %attr(0644,root,root) %{_unitdir}/sshd-keygen.target
 %attr(0644,root,root) %{_sysusersdir}/openssh-server.conf
@@ -741,6 +744,9 @@ test -f %{sysconfig_anaconda} && \
 %endif
 
 %changelog
+* Fri Sep 08 2023 Dmitry Belyavskiy <dbelyavs@redhat.com> - 9.3p1-9
+- Revert "Remove sshd.socket unit (rhbz#2025716)" according to FESCO decision
+
 * Thu Aug 03 2023 Dmitry Belyavskiy <dbelyavs@redhat.com> - 9.3p1-8
 - Split including crypto-policies to a separate config (rhbz#1970566)
 - Disable forking of ssh-agent on startup (rhbz#2148555)
diff --git a/sshd.socket b/sshd.socket
new file mode 100644
index 0000000..caa50c4
--- /dev/null
+++ b/sshd.socket
@@ -0,0 +1,11 @@
+[Unit]
+Description=OpenSSH Server Socket
+Documentation=man:sshd(8) man:sshd_config(5)
+Conflicts=sshd.service
+
+[Socket]
+ListenStream=22
+Accept=yes
+
+[Install]
+WantedBy=sockets.target