Bug#147360: sshd: add option to add sshd to user's inittab, so sshd can't get killed
On Sat, May 18, 2002 at 06:48:26PM +0200, Andreas Fuchs wrote:
> Package: ssh
> Version: 1:3.0.2p1-9
> Severity: wishlist
>
> Mario Lang discovered that adding this line to your inittab can save
> one's life on a machine which one can not access physically well:
>
> ss:12345:respawn:/usr/sbin/sshd -D
>
> This respawns sshd as soon as it gets killed, thus always keeping the
> machine accessible from outside. As this is not reasonable in an
> environment where the network is not always accessible (maybe make that
> "2345" only) or where sshd needs to remain kill-able.
>
> My guess is that this should be optional, with maybe a debconf question
> outlining the advantages and disadvantages of that line, default to "No"
> (-:
>
> If you're interested, I can try to provide a draft for the question.
I don't think that this should be a debconf question: there are already
too many of them, and editing /etc/inittab from ssh's postinst is going
to be risky and error-prone.
I'd be happy to document the approach in README.Debian, though: please
feel free to send some suggested text.
(Sorry for taking so long to respond to this bug report.)
Cheers,
--
Colin Watson [cjwatson@flatline.org.uk]
Reply to: