New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[fix] Ask user for keeping or not sshd config #50

Open
wants to merge 7 commits into
base: stretch
from

Conversation

Projects
None yet
2 participants
@zamentur
Copy link
Contributor

zamentur commented Aug 26, 2018

The problem

Some instance don't use the sshd conf of YunoHost.

Solution

Ask user what he wants do instead of disable the conf management with a dangerous from_script file.

PR Status

Ready
Related PR YunoHost/yunohost#518

How to test

On a debian
Install openssh-server
Make some change in config
Run this script

Validation

  • Principle agreement 0/2 :
  • Quick review 0/1 :
  • Simple test 0/1 :
  • Deep review 0/1 :

@zamentur zamentur referenced this pull request Aug 26, 2018

Merged

[fix] Standardize sshd config #518

0 of 7 tasks complete

@zamentur zamentur removed the work needed label Aug 26, 2018

@zamentur zamentur requested a review from alexAubin Sep 6, 2018

"

# If root login is not deactivate
if ! grep -E "^[[:blank:]]*PermitRootLogin[[:blank:]]+no" /etc/ssh/sshd_config ; then

This comment has been minimized.

@zamentur

zamentur Sep 20, 2018

Contributor

This regex is not entirely perfect with some configuration it could made false positive.

Example: with a MatchUser directive https://github.com/YunoHost-Apps/my_webapp_ynh/blob/3f1cf141145a62ee836680c1818ceaaace2a6a13/scripts/upgrade#L137

@alexAubin alexAubin force-pushed the fix-standardize-sshd-config branch from 1bcde20 to 16ef519 Nov 29, 2018

@alexAubin

This comment has been minimized.

Copy link
Member

alexAubin commented Dec 10, 2018

This is to be merged once 3.4.x is released as stable. But not before as the feature included in this PR won't make sense otherwise...

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment