Bug#1023509: openssh-server: suggestion about (default) sshd_config and sshd_config.d

To: Debian Bug Tracking System <submit@bugs.debian.org>
Subject: Bug#1023509: openssh-server: suggestion about (default) sshd_config and sshd_config.d
From: Patrice Duroux <patrice.duroux@gmail.com>
Date: Sat, 05 Nov 2022 18:32:25 +0100
Message-id: <[🔎] 166766954516.33087.5120023004129089190.reportbug@kos-moceratops.home>
Reply-to: Patrice Duroux <patrice.duroux@gmail.com>, 1023509@bugs.debian.org

Package: openssh-server
Version: 1:9.0p1-1+b2
Severity: wishlist

Dear Maintainer,

I think the current state is a bit confusing because the Include directive is
at the very beguining of the file before some commented (default) setting that
could suggest administrator to edit there.

And so, doing this, does this override any sshd_config.d contents?

If it is just some sort of self-documented for the Debian default setting, it
could be elsewhere, no?

Why not then providing an almost empty sshd_config that just includes
sshd_config.d and have a sample file in this folder with all the current
commented content.

Regards,
Patrice


-- System Information:
Debian Release: bookworm/sid
  APT prefers unstable-debug
  APT policy: (500, 'unstable-debug'), (500, 'unstable'), (1, 'experimental-debug'), (1, 'experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 6.1.0-0-amd64 (SMP w/12 CPU threads; PREEMPT)
Locale: LANG=fr_FR.UTF-8, LC_CTYPE=fr_FR.UTF-8 (charmap=UTF-8), LANGUAGE not set
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages openssh-server depends on:
ii  adduser                    3.129
ii  debconf [debconf-2.0]      1.5.79
ii  dpkg                       1.21.9+b1
ii  init-system-helpers        1.65.2
ii  libaudit1                  1:3.0.7-1.1+b1
ii  libc6                      2.36-4
ii  libcom-err2                1.46.6~rc1-1+b1
ii  libcrypt1                  1:4.4.30-1
ii  libgssapi-krb5-2           1.20-1+b1
ii  libkrb5-3                  1.20-1+b1
ii  libpam-modules             1.5.2-5
ii  libpam-runtime             1.5.2-5
ii  libpam0g                   1.5.2-5
ii  libselinux1                3.4-1+b2
ii  libssl3                    3.0.7-1
ii  libsystemd0                252-2
ii  libwrap0                   7.6.q-31
ii  openssh-client             1:9.0p1-1+b2
ii  openssh-sftp-server        1:9.0p1-1+b2
ii  procps                     2:3.3.17-7.1
ii  runit-helper               2.15.0
ii  sysvinit-utils [lsb-base]  3.05-6
ii  ucf                        3.0043
ii  zlib1g                     1:1.2.11.dfsg-4.1

Versions of packages openssh-server recommends:
ii  libpam-systemd [logind]  252-2
ii  ncurses-term             6.3+20220423-2
ii  xauth                    1:1.1.1-1

Versions of packages openssh-server suggests:
pn  molly-guard   <none>
pn  monkeysphere  <none>
pn  ssh-askpass   <none>
pn  ufw           <none>

-- debconf information excluded

Reply to:

Follow-Ups:
- Bug#1023509: openssh-server: suggestion about (default) sshd_config and sshd_config.d
  - From: Patrice <duroux.patrice@orange.fr>
- Bug#1023509: marked as done (openssh-server: suggestion about (default) sshd_config and sshd_config.d)
  - From: "Debian Bug Tracking System" <owner@bugs.debian.org>

Next by Date: Bug#1023509: openssh-server: suggestion about (default) sshd_config and sshd_config.d
Next by thread: Bug#1023509: openssh-server: suggestion about (default) sshd_config and sshd_config.d
Index(es):
- Date
- Thread