[Bug 1701298] Re: ssh_config should include /etc/ssh/ssh_config.d/* by default

[Erich E. Hoover]

@cjwatson, I've been getting my work into the habit of deploying Debian packages for all organization-wide system configuration files.  So, when I noticed the other day that openssh-client 7.3p1+ now supports include directives I put together a new package that gives all of our internal users no-login access to the systems that they need for their work.  The exact ".d" file I put together to do this is:
===
Match exec "getent hosts %h | grep -qE '^10\.10\.10\.'"
        User root
        StrictHostKeyChecking no
        UserKnownHostsFile /dev/null
        IdentityFile /opt/insight/SLE-101_id_rsa
===
However, at the moment, for anyone to use this file I would need to modify /etc/ssh/ssh_config by adding "Include /etc/ssh/ssh_config.d/*".  While I can do that, I know that it's not generally recommended to have a package modify the config files of other packages.  So, ideally, the default ssh_config file would have an Include directive that allows me to simply place my ".d" file in the appropriate ".d" directory such that it automatically gets included whenever my custom package is installed.

-- 
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to openssh in Ubuntu.
https://bugs.launchpad.net/bugs/1701298

Title:
  ssh_config should include /etc/ssh/ssh_config.d/* by default

Status in openssh package in Ubuntu:
  Confirmed

Bug description:
  It is not currently possible to deploy packages with system-specific SSH configuration settings without modifying the ssh_config file.  Ideally the default ssh_config file would simply contain:
  Include /etc/ssh/ssh_config.d/*
  as this would allow packages to deploy such settings without tampering with the main ssh_config file.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/openssh/+bug/1701298/+subscriptions