Package: monit
Version: 1:5.26.0-1~bpo10+1
Severity: normal
File: /etc/monit/conf-available/openssh-server
Tags: patch

Hello,

The included config file for openssh-server is invalid. It references an
sshd_dsa_key section/service, but that is (no longer?) defined in that file.
This causes monit to fail to start, when that file is used.

The following patch fixes this and also adds support for monitoring the ecdsa
and ed25519 ssh keys.

Thanks,
--Joe

--- /etc/monit/conf-available/openssh-server.orig       2019-07-13 
05:21:25.000000000 +0000
+++ /etc/monit/conf-available/openssh-server    2020-05-19 14:01:47.700539281 
+0000
@@ -19,6 +19,18 @@
    group sshd
    include /etc/monit/templates/rootbin
 
+ check file sshd_dsa_key with path /etc/ssh/ssh_host_dsa_key
+   group sshd
+   include /etc/monit/templates/rootstrict
+
+ check file sshd_ecdsa_key with path /etc/ssh/ssh_host_ecdsa_key
+   group sshd
+   include /etc/monit/templates/rootstrict
+
+ check file sshd_ed25519_key with path /etc/ssh/ssh_host_ed25519_key
+   group sshd
+   include /etc/monit/templates/rootstrict
+
  check file sshd_rsa_key with path /etc/ssh/ssh_host_rsa_key
    group sshd
    include /etc/monit/templates/rootstrict
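
Review bot: the added `check file sshd_dsa_key with path /etc/ssh/ssh_host_dsa_key` block at the top of this hunk will itself raise an alert on any host that has no DSA host key, because monit reports a `check file` whose path does not exist as a failure; the same holds for the new ecdsa and ed25519 blocks wherever those key types are not generated. Since the report says the file references sshd_dsa_key without defining it, consider dropping that reference instead of restoring the check, or add a comment in the file telling admins to remove the checks for key types they do not use. The hunk also leaves the referencing line untouched, so sshd_ecdsa_key and sshd_ed25519_key are monitored on their own but not tied to whatever currently names sshd_dsa_key; if that is a `depends on` list, extend it in the same patch.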
