i have installed 7.0 clean with a custom server installation, including
openssh. everything functions correctly except:
when restarting sshd like this:
/etc/rc.d/init.d/sshd restart (or condrestart, or stop start)
the existing ssh session remains alive, but no new sessions can be
started. in addition, restarting a second time causes the existing session
to also be dropped.
this has the following effect:
no access can be gained to the server until sshd is restarted from the
console (assuming telnet is blocked)
i have no idea whether it is possible, but could someone use this to cause
sshd to restart - denying access to the sysadm - in order to hide their
activities or as a DOS attack?
below is the /etc/ssh/sshd_config file:
# This is ssh server systemwide configuration file.
# Don't read ~/.rhosts and ~/.shosts files
# Uncomment if you don't trust ~/.ssh/known_hosts for
#obsoletes QuietMode and FascistLogging
# For this to work you will also need host keys in /etc/ssh_known_hosts
# To disable tunneled clear text passwords, change to no here!
# Uncomment to disable s/key passwords
# To change Kerberos options
# Kerberos TGT Passing does only work with the AFS kaserver
Subsystem sftp /usr/local/sbin/sftpd
ooops! i have now found an earlier bug report which pertains to the same
problem - 18023 - updated init scripts have apparently been prepared, and will
be included in a future bugfix release.
you're too fast for me!
*** This bug has been marked as a duplicate of 18023 ***