For the needed options: I guess these lines will be your friends...look them up in the manual though, if I am wrong: PasswordAuthentication no PermitRootLogin without-password PubkeyAuthentication yes (I don't think any of them is default, but maybe the last line is, didnt check) I have this as standard on my cloud machines, where in emergencies I also have a VM konsole available... Am Dienstag, 6. Juli 2021, 17:01:57 CEST schrieb Markus Feilner:
It seems like there has been a strategic decision to not provide a fully commented aka documented sshd_config file in /etc anymore. I fell into the same pit some weeks ago. This makes it harder for people who like you and me only rarely change something in sshd config, I guess, but that's life.
Afaik we have to create an sshd_config file from scratch now, and if you only need to give access to root, it should only have these lines (all other settings are defaults)
There is however this file here: /usr/etc/ssh/sshd_config which looks a lot like the old one...
and it says:
# This is the sshd server system-wide configuration file. See # sshd_config(5) for more information.
# This sshd was compiled with PATH=/usr/bin:/bin:/usr/sbin:/sbin
# The strategy used for options in the default sshd_config shipped with # OpenSSH is to specify options with their default value where # possible, but leave them commented. Uncommented options override the # default value.
# To modify the system-wide sshd configuration, create a "*.conf" file under # "/etc/ssh/sshd_config.d/" which will be automatically included below. # Don't edit this configuration file itself if possible to avoid update # problems.
I found this because I did a rpm -qli openssh-server or a 'locate sshd_config' on my system (for the latter locate has to be installed and updatedb has had to be run initially)
Am Dienstag, 6. Juli 2021, 16:49:22 CEST schrieb Chuck Payne:
Guys,
Hey, so I been redoing my libvirtd servers and I notice that sshd_config and ssh_config files are no longer in /etc/ssh
. ├── ssh_config.d ├── ssh_host_dsa_key ├── ssh_host_dsa_key.pub ├── ssh_host_ecdsa_key ├── ssh_host_ecdsa_key.pub ├── ssh_host_ed25519_key ├── ssh_host_ed25519_key.pub ├── ssh_host_rsa_key ├── ssh_host_rsa_key.pub └── sshd_config.d
There are now ssh_config.d and sshd_config.d folders. I have to enable root login because i have a master virt-manager that manages the other libvirtd servers.
This new setup disables root access all together and I spent a few hours trying to google how to re-enable root access.
I also need to know how to set my port back up on their special. Can someone explain to me what I need to do, I figure it dropping in a config into the folders.
-- Best Regards - Mit freundlichen Grüßen, Markus Feilner, Feilner IT - 20 years of open services - ------------------------- Agile Recursive Documentation: – Document it or it didn't happen! – ------------------------- Digitale Souveränität, Nachhaltigkeit, Dokumentation Linux, Security, Strategy, Politics, Journalism, Networking. https://www.feilner-it.net, 93059 Regensburg Wöhrdstr. 10, +49 170 302 7092 (+Signal) Blog: https://markusfeilner.de PGP: 40A3C306F96133067C11CFD9A958A906268C9F0A http://www.feilner-it.net/files/MFpub.asc Xing: http://www.xing.com/profile/Markus_Feilner LinkedIn: https://www.linkedin.com/in/markusfeilner @mfeilner: Matrix, Jabber, Skype, Twitter, Diaspora, ...