Bug#241496: openssh-server: Still seen 5 years later
On Wed, Mar 30, 2011 at 11:49:48AM +0300, Phil Carmody wrote:
> I performed the upgrade to 1:5.5p1-6 months ago, I don't know what
> version I was coming from. All I know is that my customised
> sshd_config was overwritten during the upgrade. As this 'upgrade'
> resulted in the opening of world-facing ports against my will, I
> consider it to not just be a grave error as it's not just a loss
> of data, but also a security issue.
The previous comments from Matthew and myself in this bug still stand.
* /var/log/dpkg.log* (which may show what version you were coming
* the output of 'debconf-show openssh-server'
* any other /etc/ssh/sshd_config.* files, especially
> Chatting with a debian dev, the idea of this possibly being a
> dpkg bug was mentioned. Has that possibility been looked into at
I don't know whom you were speaking to, but that seems highly unlikely
here; /etc/ssh/sshd_config is managed by the openssh-server maintainer
scripts, not by dpkg as some configuration files are. In any event,
this wouldn't be a productive first line of investigation - if it were
true, we'd arrive at it by other means.
Colin Watson [email@example.com]