| Message ID | 20241207150400.2159-2-stefan.schantl@ipfire.org |
|---|---|
| State | Accepted |
| Commit | 955f8b14571d56cfd132710cdd29db30645aba67 |
| Headers |
Return-Path: <development-bounces@lists.ipfire.org> Received: from mail01.ipfire.org (mail01.haj.ipfire.org [172.28.1.202]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (secp384r1) client-signature RSA-PSS (4096 bits)) (Client CN "mail01.haj.ipfire.org", Issuer "R11" (verified OK)) by web04.haj.ipfire.org (Postfix) with ESMTPS id 4Y5BS73Lhtz3wxg for <patchwork@web04.haj.ipfire.org>; Sat, 7 Dec 2024 15:12:07 +0000 (UTC) Received: from mail02.haj.ipfire.org (mail02.haj.ipfire.org [172.28.1.201]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) client-signature ECDSA (secp384r1)) (Client CN "mail02.haj.ipfire.org", Issuer "E6" (verified OK)) by mail01.ipfire.org (Postfix) with ESMTPS id 4Y5BS41VsRz2T8; Sat, 7 Dec 2024 15:12:04 +0000 (UTC) Received: from mail02.haj.ipfire.org (localhost [127.0.0.1]) by mail02.haj.ipfire.org (Postfix) with ESMTP id 4Y5BS35t9nz340Z; Sat, 7 Dec 2024 15:12:03 +0000 (UTC) Received: from mail01.ipfire.org (mail01.haj.ipfire.org [172.28.1.202]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (secp384r1) client-signature RSA-PSS (4096 bits)) (Client CN "mail01.haj.ipfire.org", Issuer "R11" (verified OK)) by mail02.haj.ipfire.org (Postfix) with ESMTPS id 4Y5BS12wMKz2xQc for <development@lists.ipfire.org>; Sat, 7 Dec 2024 15:12:01 +0000 (UTC) Received: from [127.0.0.1] (localhost [127.0.0.1]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (No client certificate requested) by mail01.ipfire.org (Postfix) with ESMTPSA id 4Y5BS073F9zpt; Sat, 7 Dec 2024 15:12:00 +0000 (UTC) DKIM-Signature: v=1; a=ed25519-sha256; c=relaxed/relaxed; d=ipfire.org; s=202003ed25519; t=1733584321; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=L2TDp+t/400EM4VGFtqkQNmvkRVaD1FFuvhf1h1kvxg=; b=X3GIjjkLMG0MoQLgviViaZrtPccAuClV18Mbrc7AdjFuvVrUxfFzQW7gCM+s+EiZLndpRs 5AdbbNF+gfoD0NCw== DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ipfire.org; s=202003rsa; t=1733584321; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=L2TDp+t/400EM4VGFtqkQNmvkRVaD1FFuvhf1h1kvxg=; b=f+Zl6t2Tj7j/z5R4RWCnBhykbmqLhEHMoFC8zp0nztbmPbWyAgBggW+a5zP4TyFk6l2JuH 2W2acFmSdYGQgeYgjj60EB/JMFEXzBSpJl99JCN+Q5VEKuEFIkzHIurBjVLv312GaW8b+Z wyzqU0DVGqukyo2S37C6fJl4HkeU3wGmvuwovIKV0VCvMtkNlIKzer/vO+vViMUg/T174W NmzojiavEXWU7gImY8upxxR2BtR+YF/dQXAhfdI+3WYYQWHyApRabKXk4V3ef4AAokxhA/ GjdRnvo+8TbJSvSDD03Oj/bod0GZXiWqFA0WZrSfzxTCZFm/hWKPA9Z3bn6Wsw== From: Stefan Schantl <stefan.schantl@ipfire.org> To: development@lists.ipfire.org Subject: [PATCH 2/2] backup: Add /etc/ssh/sshd_config.d Date: Sat, 7 Dec 2024 16:04:00 +0100 Message-ID: <20241207150400.2159-2-stefan.schantl@ipfire.org> In-Reply-To: <20241207150400.2159-1-stefan.schantl@ipfire.org> References: <20241207150400.2159-1-stefan.schantl@ipfire.org> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit Message-ID-Hash: GRUONYPGGZWT2LSXWUIGET4HIN2NPAJD X-Message-ID-Hash: GRUONYPGGZWT2LSXWUIGET4HIN2NPAJD X-MailFrom: stefan.schantl@ipfire.org X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header X-Mailman-Version: 3.3.8 Precedence: list List-Id: IPFire development talk <development.lists.ipfire.org> Archived-At: <https://lists.ipfire.org/hyperkitty/list/development@lists.ipfire.org/message/GRUONYPGGZWT2LSXWUIGET4HIN2NPAJD/> List-Archive: <https://lists.ipfire.org/hyperkitty/list/development@lists.ipfire.org/> List-Help: <mailto:development-request@lists.ipfire.org?subject=help> List-Owner: <mailto:development-owner@lists.ipfire.org> List-Post: <mailto:development@lists.ipfire.org> List-Subscribe: <mailto:development-join@lists.ipfire.org> List-Unsubscribe: <mailto:development-leave@lists.ipfire.org> |
| Series |
[1/2] openssh: Introduce include directory for additional sshd config files
|
|
Commit Message
Stefan Schantl
Dec. 7, 2024, 3:04 p.m. UTC
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
---
config/backup/include | 1 +
1 file changed, 1 insertion(+)
Comments
Thank you Stefan. I believe that we need to merge this patch set and use it to load the legacy RSA key on systems that still have one. We currently hard-code this into the configuration file, but then we then don’t generate the key any more on new installations. I will send a patch for this, and this change will need to go into Core Update 190. Best, -Michael > On 7 Dec 2024, at 15:04, Stefan Schantl <stefan.schantl@ipfire.org> wrote: > > Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org> > --- > config/backup/include | 1 + > 1 file changed, 1 insertion(+) > > diff --git a/config/backup/include b/config/backup/include > index f0708c87f..0bf9440d3 100644 > --- a/config/backup/include > +++ b/config/backup/include > @@ -10,6 +10,7 @@ etc/logrotate.d > etc/passwd > etc/shadow > etc/ssh/sshd_config > +etc/ssh/sshd_config.d > etc/ssh/ssh_host* > etc/squid/squid.conf.local > etc/squid/squid.conf.pre.local > -- > 2.45.2 >
diff --git a/config/backup/include b/config/backup/include index f0708c87f..0bf9440d3 100644 --- a/config/backup/include +++ b/config/backup/include @@ -10,6 +10,7 @@ etc/logrotate.d etc/passwd etc/shadow etc/ssh/sshd_config +etc/ssh/sshd_config.d etc/ssh/ssh_host* etc/squid/squid.conf.local etc/squid/squid.conf.pre.local