Bug 28611
Summary: | sshd_config syntax changes in 2.5.1p1 -> condrestart kills sshd. | ||||||
---|---|---|---|---|---|---|---|
Product: | [Retired] Red Hat Linux | Reporter: | Pekka Savola <pekkas> | ||||
Component: | openssh | Assignee: | Nalin Dahyabhai <nalin> | ||||
Status: | CLOSED RAWHIDE | QA Contact: | |||||
Severity: | high | Docs Contact: | |||||
Priority: | medium | ||||||
Version: | 7.1 | CC: | dr | ||||
Target Milestone: | --- | ||||||
Target Release: | --- | ||||||
Hardware: | i386 | ||||||
OS: | Linux | ||||||
Whiteboard: | |||||||
Fixed In Version: | Doc Type: | Bug Fix | |||||
Doc Text: | Story Points: | --- | |||||
Clone Of: | Environment: | ||||||
Last Closed: | 2001-03-28 17:51:18 UTC | Type: | --- | ||||
Regression: | --- | Mount Type: | --- | ||||
Documentation: | --- | CRM: | |||||
Verified Versions: | Category: | --- | |||||
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |||||
Cloudforms Team: | --- | Target Upstream Version: | |||||
Embargoed: | |||||||
Attachments: |
|
Description
Pekka Savola
2001-02-21 15:16:57 UTC
Attached is a patch to add 'sshd -t' functionility which checks the validity of the configuration file and sanity of the host keys. Adding a test using this to some point at post-installation, and echoing a warning message (for those that might be updating by hand) might help a bit. This will probably show up in OpenSSH proper. [killed sshd sessions are actually rather irritating, so raising severity] Created attachment 10642 [details]
sshd -t functionality for config sanity checking
This defect is considered MUST-FIX for Florence Release-Candidate #2 The getenv() thing may force a 2.5.1p2 within the next week or so. ...but discussion on the developer list indicates that this would be implemented post-2.5.1, so I'll be looking at it more today. Have you actually gotten sshd to not restart properly? I can get it to not load the v2 keys using the older configuration file, but the built-in option aliasing code is handling the rest of my test config admirably. Umm. Sorry for jumping the gun. Updating beta4 to openssh-2.5.1p1 _did_ kill my sshd for some reason so I couldn't connect, but I can't reproduce it now. Also, the code (readconf.c) seems a lot more friendly about old, obsolete options than I thought. I suspect you got hit with some initscripts changing that caused the "stop" to kill *all* running processes named sshd. That was reverted yesterday, IIRC, so you'll see the change in today's refresh. The new initscripts may also alleviate part of the hanging-on-exit problem (the part where a daemon restart would cause the connection to hang at stop). Well, the migration issue has been sorted out, so far as I can tell. Closing. See #33633. The patch for the -t option should be integrated into 2.9p2-7 and later. Thanks! |