[Bug 1968305] Re: sshd_config.d overrides not working

James Paton-Smith 1968305 at bugs.launchpad.net
Mon Apr 11 07:23:57 UTC 2022 

I've since tested by placing the Include option at the top of the
config, and it works.

I had assumed positioning was irrelevant, or that it should check
/etc/ssh/sshd_config.d by default as described in the man pages:

```
Note that the Debian openssh-server package sets several options as standard in /etc/ssh/sshd_config which are not the default in sshd(8):

           •   Include /etc/ssh/sshd_config.d/*.conf
           •   ChallengeResponseAuthentication no
           •   X11Forwarding yes
           •   PrintMotd no
           •   AcceptEnv LANG LC_*
           •   Subsystem sftp /usr/lib/openssh/sftp-server
           •   UsePAM yes

     /etc/ssh/sshd_config.d/*.conf files are included at the start of the configuration file, so options set there will override those in /etc/ssh/sshd_config.
```

Or does this not apply to Ubuntu 20.04?

-- 
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to openssh in Ubuntu.
https://bugs.launchpad.net/bugs/1968305

Title:
  sshd_config.d overrides not working

Status in openssh package in Ubuntu:
  New

Bug description:
  Creating an sshd_config override file under /etc/ssh/sshd_config.d/
  does not override settings from /etc/ssh/sshd_config

  From debugging sshd, I can see the override file is indeed being read,
  and the option is supposedly set. But after testing, the options are
  not taking effect.

  Specifically, in the main sshd_config, I have disabled PasswordAuthentication
  In my override file, PasswordAuthentication is enabled

  Yet, when connecting to the server, it only checks public/private
  keys.

  
  This is for an environment where we have our default sshd_config, and in specific use-cases, we might enable PasswordAuthentication for some servers.

  ProblemType: Bug
  DistroRelease: Ubuntu 20.04
  Package: openssh-server 1:8.2p1-4ubuntu0.4
  ProcVersionSignature: Ubuntu 5.13.0-39.44~20.04.1-generic 5.13.19
  Uname: Linux 5.13.0-39-generic x86_64
  ApportVersion: 2.20.11-0ubuntu27.21
  Architecture: amd64
  CasperMD5CheckResult: pass
  Date: Fri Apr  8 10:37:42 2022
  InstallationDate: Installed on 2021-11-04 (154 days ago)
  InstallationMedia: Ubuntu-Server 20.04.3 LTS "Focal Fossa" - Release amd64 (20210824)
  SourcePackage: openssh
  UpgradeStatus: No upgrade log present (probably fresh install)

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/openssh/+bug/1968305/+subscriptions

More information about the foundations-bugs mailing list