Bug #26499: Standard Rudder technique “SSH server (OpenSSH)” breaks SSH server if Match blocks exists in sshd_config - Rudder - Issue Tracker

Actions

Copy link

Bug #26499

closed

Standard Rudder technique “SSH server (OpenSSH)” breaks SSH server if Match blocks exists in sshd_config

Added by Michel BOUISSOU 2 months ago. Updated 2 days ago.

Status:

Released

Priority:

1 (highest)

Assignee:

Nicolas CHARLES

Category:

Techniques

Target version:

8.2.6

Pull Request:

https://github.com/Normation/rudder-t...

Severity:

Major - prevents use of part of Rudder | no simple workaround

UX impact:

User visibility:

Operational - other Techniques | Rudder settings | Plugins

Effort required:

Very Small

Priority:

Name check:

To do

Fix check:

Checked

Regression:

Description

sshd_config can end with Match blocks such as :

# Additional Match Blocks
Match User john,susie,jane,tom
    AllowTcpForwarding no
    X11Forwarding no
    PermitTTY yes

Such blocks do not “end” unless another such block begins.

Rudder standard technique “SSH server (OpenSSH)” appends defined global parameters at the end of the sshd_config file.

This causes the sshd daemon to fail restarting, as it considers this global parameters to be part of the previous “Match” block, which make the configuration invalid.

Actions

Copy link

Also available in: Atom PDF

Project

General

Profile

Rudder

Custom queries

Bug #26499

Standard Rudder technique “SSH server (OpenSSH)” breaks SSH server if Match blocks exists in sshd_config

Updated by Michel BOUISSOU 2 months ago

Updated by Nicolas CHARLES about 2 months ago

Updated by Nicolas CHARLES about 2 months ago

Updated by Elaad FURREEDAN about 2 months ago

Updated by Elaad FURREEDAN about 2 months ago

Updated by Anonymous about 2 months ago

Updated by Nicolas CHARLES 4 days ago

Updated by Vincent MEMBRÉ 2 days ago