Package: monit Version: 1:5.26.0-1~bpo10+1 Severity: normal File: /etc/monit/conf-available/openssh-server Tags: patch
Hello, The included config file for openssh-server is invalid. It references an sshd_dsa_key section/service, but that is (no longer?) defined in that file. This causes monit to fail to start, when that file is used. The following patch fixes this and also adds support for monitoring the ecdsa and ed25519 ssh keys. Thanks, --Joe --- /etc/monit/conf-available/openssh-server.orig 2019-07-13 05:21:25.000000000 +0000 +++ /etc/monit/conf-available/openssh-server 2020-05-19 14:01:47.700539281 +0000 @@ -19,6 +19,18 @@ group sshd include /etc/monit/templates/rootbin + check file sshd_dsa_key with path /etc/ssh/ssh_host_dsa_key + group sshd + include /etc/monit/templates/rootstrict + + check file sshd_ecdsa_key with path /etc/ssh/ssh_host_ecdsa_key + group sshd + include /etc/monit/templates/rootstrict + + check file sshd_ed25519_key with path /etc/ssh/ssh_host_ed25519_key + group sshd + include /etc/monit/templates/rootstrict + check file sshd_rsa_key with path /etc/ssh/ssh_host_rsa_key group sshd include /etc/monit/templates/rootstrict