Bug 1821339

Summary: libssh based server automatically tries to load OpenSSH server configuration
Product: Red Hat Enterprise Linux 8 Reporter: Anderson Sasaki <ansasaki>
Component: libsshAssignee: Anderson Sasaki <ansasaki>
Status: CLOSED ERRATA QA Contact: Stanislav Zidek <szidek>
Severity: medium Docs Contact:
Priority: medium    
Version: 8.2CC: sahana, szidek
Target Milestone: rcKeywords: Triaged
Target Release: 8.0   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: Doc Type: No Doc Update
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2020-11-04 02:00:14 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Anderson Sasaki 2020-04-06 15:35:02 UTC 
Description of problem:
The libssh server configuration file (/etc/libssh/libssh_server.config) includes the OpenSSH server configuration file, meaning that changes made to the OpenSSH server configuration will affect the libssh based server applications.

It is not always true that changes in the OpenSSH server configuration file should affect libssh server applications, specially regarding the keys to be used. It is desired that keys are kept independent between different servers.

This bug is about removing the inclusion of the OpenSSH server configuration file from the libssh server configuration file.

Version-Release number of selected component (if applicable):
libssh-8.2.0

How reproducible:
100%

Steps to Reproduce:
1. $cat /etc/libssh/libssh_server.config

Actual results:
# Parse system-wide crypto configuration file
Include /etc/crypto-policies/back-ends/libssh.config
# Parse OpenSSH configuration file for consistency
Include /etc/ssh/sshd_config

Expected results:
File does not contain "Include /etc/ssh/sshd_config"

Additional info:
Comment 8 errata-xmlrpc 2020-11-04 02:00:14 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory (Moderate: libssh security, bug fix, and enhancement update), and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHSA-2020:4545