[Bug 1188610] Re: sshd_config is modified/replaced
Marking this fix-released. The permissions are fixed, and the comments are not removed now. The 'ClientAliveInterval 180' is appended, and I still feel that this is un-necessary, as TCPKeepAlive should avoid idle connection dropping. ** Changed in: walinuxagent (Ubuntu) Importance: Undecided => Medium ** Changed in: walinuxagent (Ubuntu) Status: Fix Committed => Fix Released -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to walinuxagent in Ubuntu. https://bugs.launchpad.net/bugs/1188610 Title: sshd_config is modified/replaced To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/walinuxagent/+bug/1188610/+subscriptions -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 1188610] Re: sshd_config is modified/replaced
This is fixed released for Saucy and scheduled for SRU. ** Changed in: walinuxagent (Ubuntu) Status: Confirmed => Fix Committed -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to walinuxagent in Ubuntu. https://bugs.launchpad.net/bugs/1188610 Title: sshd_config is modified/replaced To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/walinuxagent/+bug/1188610/+subscriptions -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
Re: [Bug 1188610] Re: sshd_config is modified/replaced
ACK. I actually looked at some other files... maybe none of the ones in /etc/ are "owned" but do seem to be managed by packages. On Mon, Jun 24, 2013 at 10:27 AM, Scott Moser wrote: > David, > I'm pretty sure the answer to your question about ownership of that file > is that ownership by the package has no effect on config-file upgrade > prompt. I'm not 100% certain, but I know that in the cloud images, > /etc/default/grub has been a pain for us in this respect, and it also does > not show as 'owned' by grub. > I'm pretty sure that TCPKeepAlive is keeping the session alive and so > ClientAliveInterval does not need to be set or changed. I also just > verified an idle session stayed connected for a few hours. > > -- > You received this bug notification because you are a member of Canonical > Microsoft Azure Collaboration, which is subscribed to walinuxagent in > Ubuntu. > Matching subscriptions: walinxuagnet bugs > https://bugs.launchpad.net/bugs/1188610 > > Title: > sshd_config is modified/replaced > > To manage notifications about this bug go to: > > https://bugs.launchpad.net/ubuntu/+source/walinuxagent/+bug/1188610/+subscriptions > -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to walinuxagent in Ubuntu. https://bugs.launchpad.net/bugs/1188610 Title: sshd_config is modified/replaced To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/walinuxagent/+bug/1188610/+subscriptions -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 1188610] Re: sshd_config is modified/replaced
David, I'm pretty sure the answer to your question about ownership of that file is that ownership by the package has no effect on config-file upgrade prompt. I'm not 100% certain, but I know that in the cloud images, /etc/default/grub has been a pain for us in this respect, and it also does not show as 'owned' by grub. I'm pretty sure that TCPKeepAlive is keeping the session alive and so ClientAliveInterval does not need to be set or changed. I also just verified an idle session stayed connected for a few hours. -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to walinuxagent in Ubuntu. https://bugs.launchpad.net/bugs/1188610 Title: sshd_config is modified/replaced To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/walinuxagent/+bug/1188610/+subscriptions -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 1188610] Re: sshd_config is modified/replaced
Actually, removing the ClientAliveInterval has no effect on a stock Ubuntu ssh client. Sessions stay alive for hours with no input. I'm going to propose a patch to pull out that change. The password authentication portion seems to be valid (or even required) for Azure (as you can still create instances without ssh keys.) I need to investigate how ubuntu-server does this differently from ubuntu-desktop (as I see a different default in a desktop.) No package seems to "own" /etc/ssh/sshd_config ("dpkg -S /etc/ssh/sshd_config" returns nothing and "grep sshd_config Contents- amd64" doesn't return /etc/ssh/sshd_config. Does this mean it will still be an issue on upgrade? -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to walinuxagent in Ubuntu. https://bugs.launchpad.net/bugs/1188610 Title: sshd_config is modified/replaced To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/walinuxagent/+bug/1188610/+subscriptions -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 1188610] Re: sshd_config is modified/replaced
note, if a future version of ssh package has a modified sshd_config file (possibly a new setting being added, or one being changed), and the user does 'apt-get upgrade', they will then be prompted on what to do because the package system notices a change to this file. prompts on 'apt-get upgrade' are generally not desireable as people mostly expect these things to work unattended, and in this case the user didn't do anything themselves to justify this. Also note, and I could be wrong, that Ubuntu's stock sshd_config has 'TCPKeepAlive yes' as the default value. It would seem that this should be enough to keep the session alive? -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to walinuxagent in Ubuntu. https://bugs.launchpad.net/bugs/1188610 Title: sshd_config is modified/replaced To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/walinuxagent/+bug/1188610/+subscriptions -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 1188610] Re: sshd_config is modified/replaced
** Changed in: walinuxagent (Ubuntu) Status: New => Confirmed -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to walinuxagent in Ubuntu. https://bugs.launchpad.net/bugs/1188610 Title: sshd_config is modified/replaced To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/walinuxagent/+bug/1188610/+subscriptions -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
Re: [Bug 1188610] Re: sshd_config is modified/replaced
Hi Steve, One of the concerns (valid) is that the walinuxagent package is editing another's config file. I'll keep investigating that avenue to see if I have a suggested fix for that. On Fri, Jun 7, 2013 at 12:15 PM, Stephen A. Zarkos < 1188...@bugs.launchpad.net> wrote: > Hello! > > As Robie speculated, editing the ClientAliveInterval parameter will help > keep the session open through the load balancer which would otherwise > drop the connection. There has to be some network traffic originating > from either the client or server to keep it open. Possibly your client > sends these keepalives, but not all clients will. > > Odd that comments are stripped, we will need to take a look at that. > > Thanks! > Steve > > -- > You received this bug notification because you are a member of Canonical > Microsoft Azure Collaboration, which is subscribed to walinuxagent in > Ubuntu. > Matching subscriptions: walinxuagnet bugs > https://bugs.launchpad.net/bugs/1188610 > > Title: > sshd_config is modified/replaced > > To manage notifications about this bug go to: > > https://bugs.launchpad.net/ubuntu/+source/walinuxagent/+bug/1188610/+subscriptions > -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to walinuxagent in Ubuntu. https://bugs.launchpad.net/bugs/1188610 Title: sshd_config is modified/replaced To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/walinuxagent/+bug/1188610/+subscriptions -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 1188610] Re: sshd_config is modified/replaced
Hello! As Robie speculated, editing the ClientAliveInterval parameter will help keep the session open through the load balancer which would otherwise drop the connection. There has to be some network traffic originating from either the client or server to keep it open. Possibly your client sends these keepalives, but not all clients will. Odd that comments are stripped, we will need to take a look at that. Thanks! Steve -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to walinuxagent in Ubuntu. https://bugs.launchpad.net/bugs/1188610 Title: sshd_config is modified/replaced To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/walinuxagent/+bug/1188610/+subscriptions -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 1188610] Re: sshd_config is modified/replaced
So, with no keyboard input, an ssh to azure (first I tested, have other tests going now) lasts 30 minutes--well beyond the 3 * 180 which is 9 minutes... I'll do some additional tests without that setting and then chat with Eric Gable (the author.) -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to walinuxagent in Ubuntu. https://bugs.launchpad.net/bugs/1188610 Title: sshd_config is modified/replaced To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/walinuxagent/+bug/1188610/+subscriptions -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 1188610] Re: sshd_config is modified/replaced
Perhaps it needs ClientAliveInterval because underlying connection tracking in Azure breaks the connection otherwise? Just speculating here. -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to walinuxagent in Ubuntu. https://bugs.launchpad.net/bugs/1188610 Title: sshd_config is modified/replaced To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/walinuxagent/+bug/1188610/+subscriptions -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 1188610] Re: sshd_config is modified/replaced
Yep, it is, line 1350 for instance: http://bazaar.launchpad.net/~ubuntu-branches/ubuntu/saucy/walinuxagent/saucy/view/head:/waagent#L1350 2362: http://bazaar.launchpad.net/~ubuntu-branches/ubuntu/saucy/walinuxagent/saucy/view/head:/waagent#L2362 -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to walinuxagent in Ubuntu. https://bugs.launchpad.net/bugs/1188610 Title: sshd_config is modified/replaced To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/walinuxagent/+bug/1188610/+subscriptions -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 1188610] Re: sshd_config is modified/replaced
** Changed in: walinuxagent (Ubuntu) Assignee: (unassigned) => David Medberry (med) -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to walinuxagent in Ubuntu. https://bugs.launchpad.net/bugs/1188610 Title: sshd_config is modified/replaced To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/walinuxagent/+bug/1188610/+subscriptions -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 1188610] Re: sshd_config is modified/replaced
Is walinuxagent modifying /etc/ssh/sshd_config? I don't think it's allowed to do that. See Debian policy 10.7.4: http://www.debian.org/doc/debian-policy/ch-files.html#s10.7.4 -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to walinuxagent in Ubuntu. https://bugs.launchpad.net/bugs/1188610 Title: sshd_config is modified/replaced To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/walinuxagent/+bug/1188610/+subscriptions -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs