On Fri, Apr 24, 2020 at 01:16:31PM -0000, Dimitri John Ledkov wrote:
> Include /run/ssh/sshd_config.d/*conf
> Include /etc/ssh/sshd_config.d/*conf
> Include /lib/ssh/sshd_config.d/*conf

> It would be nice if /etc/ssh only had the host keys, and no other
> default options.

This feels like it'd also need systemd-style config options to allow
admins to say they don't want specific packaged configs, too.

This mechanism could be ideal for e.g. ec2-instance-connect, except the
current implementation, via:
/lib/systemd/system/ssh.service.d/ec2-instance-connect.conf
can be ignored via a symlink to /dev/null in
/etc/systemd/system/ssh.service.d/ec2-instance-connect.conf

Changing to sshd config snippets in /lib/ssh/sshd_config.d/ would now
require uninstalling the package entirely, which might also require
uninstalling meta-packages.

A simple 'include' mechanism without allowances for nulling out unwanted
configs is useful but probably not alone sufficient.

Thanks

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1873528

Title:
  sshd overrides from /etc/ssh/sshd_config.d/*conf apply in reverse
  lexographic order
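
The reply above asks for systemd-style masking of packaged snippets. As an added illustration (not part of the original message, and not how sshd's Include behaves), the following Python resolves `*conf` snippets across the three directories from the quoted proposal, assuming systemd's drop-in rules: /etc over /run over /lib per file name, with a symlink to /dev/null or an empty file masking the snippet. The function names and sample files are constructed.

```python
import os
import tempfile

# Assumed priority, highest first, mirroring systemd's /etc > /run > /lib rule
# for drop-ins. This is hypothetical behaviour; sshd does not implement it.
PRIORITY = ("etc/ssh/sshd_config.d", "run/ssh/sshd_config.d", "lib/ssh/sshd_config.d")


def is_masked(path):
    """Masked means: a symlink to /dev/null, or an empty regular file."""
    if os.path.islink(path) and os.path.realpath(path) == os.path.realpath("/dev/null"):
        return True
    return os.path.isfile(path) and os.path.getsize(path) == 0


def resolve_snippets(root):
    """Return the snippet paths that would be read, ordered by file name."""
    chosen = {}
    for rel in PRIORITY:
        directory = os.path.join(root, rel)
        if not os.path.isdir(directory):
            continue
        for name in os.listdir(directory):
            # Same glob as the proposal (*conf); setdefault keeps the copy
            # from the first, i.e. highest-priority, directory for each name.
            if name.endswith("conf"):
                chosen.setdefault(name, os.path.join(directory, name))
    return [path for _, path in sorted(chosen.items()) if not is_masked(path)]


def demo():
    """Constructed tree: two packaged snippets in /lib, one masked from /etc."""
    root = tempfile.mkdtemp()
    for rel in PRIORITY:
        os.makedirs(os.path.join(root, rel))
    etc, lib = os.path.join(root, PRIORITY[0]), os.path.join(root, PRIORITY[2])
    for name, body in (("ec2-instance-connect.conf", "# packaged snippet\n"),
                       ("50-defaults.conf", "PasswordAuthentication no\n")):
        with open(os.path.join(lib, name), "w") as fh:
            fh.write(body)
    # The admin opts out of the packaged snippet without removing the package.
    os.symlink("/dev/null", os.path.join(etc, "ec2-instance-connect.conf"))
    return [os.path.relpath(p, root) for p in resolve_snippets(root)]


if __name__ == "__main__":
    print(demo())
```
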
