From nobody Fri Oct 20 08:55:49 2023 X-Original-To: stable@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4SBdjd5PvPz4xX4y for ; Fri, 20 Oct 2023 08:56:21 +0000 (UTC) (envelope-from ben@altesco.nl) Received: from altus-escon.com (corp.altus-escon.com [217.100.254.150]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "altus-test.com", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4SBdjd23cYz4JGF for ; Fri, 20 Oct 2023 08:56:21 +0000 (UTC) (envelope-from ben@altesco.nl) Authentication-Results: mx1.freebsd.org; none Received: from smtpclient.apple (212-204-186-235.cable.dynamic.v4.ziggo.nl [212.204.186.235]) (authenticated bits=0) by altus-escon.com (8.17.2/8.17.1) with ESMTPSA id 39K8u6Pu034962 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Fri, 20 Oct 2023 10:56:11 +0200 (CEST) (envelope-from ben@altesco.nl) X-Authentication-Warning: mars.altus-escon.com: Host 212-204-186-235.cable.dynamic.v4.ziggo.nl [212.204.186.235] claimed to be smtpclient.apple From: Ben Stuyts Message-Id: Content-Type: multipart/alternative; boundary="Apple-Mail=_2A41C4AF-9788-462D-95B4-0A5CB205437E" List-Id: Production branch of FreeBSD source code List-Archive: https://lists.freebsd.org/archives/freebsd-stable List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-freebsd-stable@freebsd.org X-BeenThere: freebsd-stable@freebsd.org Mime-Version: 1.0 (Mac OS X Mail 16.0 \(3731.700.6\)) Subject: Re: FreeBSD Errata Notice FreeBSD-EN-23:09.freebsd-update [REVISED] Date: Fri, 20 Oct 2023 10:55:49 +0200 In-Reply-To: Cc: Miroslav Lachman <000.fbsd@quip.cz>, Tomoaki AOKI , stable@freebsd.org To: Doug Hardie References: <20231003230335.0B92113333@freefall.freebsd.org> <765ea31d-8f07-4916-b6fd-ba220dec80dc@inoc.net> <20231020062618.9618dcfd42b083720d5dbd12@dec.sakura.ne.jp> <14ed5f0c-9dbc-48d6-959c-750f2db726d4@quip.cz> X-Mailer: Apple Mail (2.3731.700.6) X-Greylist: Sender succeeded SMTP AUTH, not delayed by milter-greylist-4.6.4 (altus-escon.com [193.78.231.142]); Fri, 20 Oct 2023 10:56:11 +0200 (CEST) X-Virus-Scanned: clamav-milter 1.2.0 at mars.altus-escon.com X-Virus-Status: Clean X-Spamd-Bar: ---- X-Rspamd-Pre-Result: action=no action; module=replies; Message is reply to one we originated X-Spamd-Result: default: False [-4.00 / 15.00]; REPLY(-4.00)[]; ASN(0.00)[asn:33915, ipnet:217.100.128.0/17, country:NL] X-Rspamd-Queue-Id: 4SBdjd23cYz4JGF --Apple-Mail=_2A41C4AF-9788-462D-95B4-0A5CB205437E Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset=utf-8 > On 20 Oct 2023, at 02:14, Doug Hardie wrote: >=20 > I believe that adding a couple lines of sh code to the end of = sshd.conf would cause it to read /usr/local/etc/sshd.conf and avoid = those issues. That is done in other places in the rc process. >=20 > =E2=80=94 Doug Yes, it would be great if the stock /etc/sshd_config would include = something like Include /usr/local/etc/ssh/* as the final line. I would never have to touch it again. It=E2=80=99s = always a bother keeping it up to date, especially when running lots of = jails. Ben --Apple-Mail=_2A41C4AF-9788-462D-95B4-0A5CB205437E Content-Transfer-Encoding: quoted-printable Content-Type: text/html; charset=utf-8
On 20 Oct = 2023, at 02:14, Doug Hardie <bc979@lafn.org> wrote:

I believe that adding a = couple lines of sh code to the end of sshd.conf would cause it to read = /usr/local/etc/sshd.conf and avoid those issues.  That is done in = other places in the rc process.

=E2=80=94= Doug


Yes, = it would be great if the stock /etc/sshd_config would include something = like

Include = /usr/local/etc/ssh/*

as the final line. I would = never have to touch it again. It=E2=80=99s always a bother keeping it up = to date, especially when running lots of = jails.

Ben

= = --Apple-Mail=_2A41C4AF-9788-462D-95B4-0A5CB205437E--