FS#79285 : [openssh] Enable drop-in configuration files for ssh[d]

FS#79285 - [openssh] Enable drop-in configuration files for ssh[d]_config

Attached to Project: Arch Linux
Opened by Dragoon Aethis (DragoonAethis) - Thursday, 03 August 2023, 00:03 GMT
Last edited by David Runge (dvzrv) - Saturday, 09 September 2023, 08:14 GMT

Task Type	Feature Request
Category	Packages: Core
Status	Closed
Assigned To	Lukas Fleischer (lfleischer) David Runge (dvzrv) Levente Polyak (anthraxx) Giancarlo Razzolini (grazzolini)
Architecture	All
Severity	Low
Priority	Normal
Reported Version
Due in Version	Undecided
Due Date	Undecided
Percent Complete
Votes	4 Sebastian Wiesner (lunaryorn) (2023-09-09) Gene (GeneC) (2023-08-19) nl6720 (nl6720) (2023-08-11) Yuri Cherio (cherio) (2023-08-04)
Private	No

Details

In most distributions, OpenSSH's /etc/sshd_config has "Include /etc/ssh/sshd_config.d/*.conf" as the first line (and something similar for ssh_config), which allows using drop-in config files instead of editing the pacman-provided file, easily splitting configs for reuse between machines, etc. It'd be nice if Arch's openssh package implemented the same thing. This feature is available since OpenSSH 7.3p1 and not available as of the packaged version 9.3p2-1.

(This sounds like something that could have been requested in the past, but nothing relevant came up after a few searches and googling. Apologies if this is duplicated...)

This task depends upon

Closed by David Runge (dvzrv)
Saturday, 09 September 2023, 08:14 GMT
Reason for closing: Fixed
Additional comments about closing: Fixed with openssh 9.4p1-4

Comment by David Runge (dvzrv) - Friday, 11 August 2023, 08:38 GMT

@DragoonAethis: Thanks for the ticket.

Please try openssh 9.4p1-2 in [core-testing] and report back whether everything works as expected.

Comment by Sean Greenslade (zootboy) - Saturday, 19 August 2023, 22:26 GMT

Would like to request a modification to the 00-archlinux.conf file. Since openssh has a "first conf wins" config style, it would be nice to have the arch defaults file numbered higher so that user-supplied drop-ins can override those settings.

Comment by Toolybird (Toolybird) - Saturday, 19 August 2023, 22:29 GMT

Merged here ~~FS#79416~~

Comment by Sebastian Wiesner (lunaryorn) - Friday, 08 September 2023, 21:01 GMT

Rename 00-archlinux.conf to 90-archlinux.conf; in SSH the *first* value wins, so to override the distribution defaults a user needs to create a file which comes *before* the archlinux.conf file.

While that's still possible currently (e.g. 0000-local.conf) it's not nice to have to use more zeros.

Comment by Toolybird (Toolybird) - Friday, 08 September 2023, 21:02 GMT

@dvzrv, this ticket now reopened for the 2nd time. It was closed last time seemingly without the tweak being addressed. Oversight or "Won't fix"?

Comment by David Runge (dvzrv) - Saturday, 09 September 2023, 07:46 GMT

Ugh... my bad. This was indeed an oversight.

Will fix in an upcoming pkgrel bump!

	Tasks related to this task (0)

Duplicate tasks of this task (1)
~~FS#79416 - openssh: please rename /etc/ssh/sshd_config/00-archlinux.conf t~~

Arch Linux

FS#79285 - [openssh] Enable drop-in configuration files for ssh[d]_config

Details

Loading...