Bug#1023509: openssh-server: suggestion about (default) sshd_config and sshd_config.d
Package: openssh-server
Version: 1:9.0p1-1+b2
Severity: wishlist
Dear Maintainer,
I think the current state is a bit confusing because the Include directive is
at the very beguining of the file before some commented (default) setting that
could suggest administrator to edit there.
And so, doing this, does this override any sshd_config.d contents?
If it is just some sort of self-documented for the Debian default setting, it
could be elsewhere, no?
Why not then providing an almost empty sshd_config that just includes
sshd_config.d and have a sample file in this folder with all the current
commented content.
Regards,
Patrice
-- System Information:
Debian Release: bookworm/sid
APT prefers unstable-debug
APT policy: (500, 'unstable-debug'), (500, 'unstable'), (1, 'experimental-debug'), (1, 'experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: i386
Kernel: Linux 6.1.0-0-amd64 (SMP w/12 CPU threads; PREEMPT)
Locale: LANG=fr_FR.UTF-8, LC_CTYPE=fr_FR.UTF-8 (charmap=UTF-8), LANGUAGE not set
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled
Versions of packages openssh-server depends on:
ii adduser 3.129
ii debconf [debconf-2.0] 1.5.79
ii dpkg 1.21.9+b1
ii init-system-helpers 1.65.2
ii libaudit1 1:3.0.7-1.1+b1
ii libc6 2.36-4
ii libcom-err2 1.46.6~rc1-1+b1
ii libcrypt1 1:4.4.30-1
ii libgssapi-krb5-2 1.20-1+b1
ii libkrb5-3 1.20-1+b1
ii libpam-modules 1.5.2-5
ii libpam-runtime 1.5.2-5
ii libpam0g 1.5.2-5
ii libselinux1 3.4-1+b2
ii libssl3 3.0.7-1
ii libsystemd0 252-2
ii libwrap0 7.6.q-31
ii openssh-client 1:9.0p1-1+b2
ii openssh-sftp-server 1:9.0p1-1+b2
ii procps 2:3.3.17-7.1
ii runit-helper 2.15.0
ii sysvinit-utils [lsb-base] 3.05-6
ii ucf 3.0043
ii zlib1g 1:1.2.11.dfsg-4.1
Versions of packages openssh-server recommends:
ii libpam-systemd [logind] 252-2
ii ncurses-term 6.3+20220423-2
ii xauth 1:1.1.1-1
Versions of packages openssh-server suggests:
pn molly-guard <none>
pn monkeysphere <none>
pn ssh-askpass <none>
pn ufw <none>
-- debconf information excluded
Reply to: