Anomoly from `freebsd-update IDS` in 12.4-RELEASE-p9 - dual entries for /etc/ssh/sshd_config
- In reply to: Mark E. Mallett: "Re: FreeBSD Errata Notice FreeBSD-EN-23:16.openzfs"
- Go to: [ bottom of page ] [ top of archives ] [ this month ]
Date: Mon, 11 Dec 2023 00:58:18 UTC
When running `freebsd-update IDS` on a few 12.4-RELEASE-p9 systems which have local changes in /etc/ssh/sshd_config, I get TWO separate lines of output about /etc/ssh/sshd_config: ... /etc/ssh/sshd_config has SHA256 hash XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX, but should have SHA256 hash 2e201f8c0ca677cc6b6dce2608579ed7d05262dec52b534037bf67fe0601fe68. /etc/ssh/sshd_config has SHA256 hash XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX, but should have SHA256 hash eac5adbd9571a12135c3af1c536ace0e8fd58164eec273efa9df37ab7eb941ec. ... (The two X'ed hashes are the same, and match the sha256 hash of the system's customized /etc/ssh/sshd_config.) Poking around a bit in /usr/src, and my weekly snapshots of that, I found both versions of sshd_config - SHA256 (/usr/src/crypto/openssh/sshd_config) = 2e201f8c0ca677cc6b6dce2608579ed7d05262dec52b534037bf67fe0601fe68 SHA256 (/usr/.zfs/snapshot/year_week.23w31/src/crypto/openssh/sshd_config) = eac5adbd9571a12135c3af1c536ace0e8fd58164eec273efa9df37ab7eb941ec SHA256 (/usr/.zfs/snapshot/year_week.23w32/src/crypto/openssh/sshd_config) = 2e201f8c0ca677cc6b6dce2608579ed7d05262dec52b534037bf67fe0601fe68 `diff` on those two versions of sshd_config yields: 109c109 < #VersionAddendum FreeBSD-20221019 --- > #VersionAddendum FreeBSD-20230719 So both versions of sshd_config start with these same lines, which may be the root problem: # $OpenBSD: sshd_config,v 1.104 2021/07/02 05:11:21 dtucker Exp $ # $FreeBSD: releng/12.4/crypto/openssh/sshd_config 372681 2022-10-31 17:19:41Z git2svn