Package: openssh-server Version: 1:9.2p1-2 Severity: normal Dear Maintainer,
after upgrading to bookworm, sshd did not come up again. The reason is that the config file now enforces the usage of the outdated sftp-server subsystem, and this is not overridable. Please consider NOT enforcing a specific sftp implementation (going with the defaults and letting users override it in separate4 conf files), or, if it has to be done, make it easier to override it, or possibly default to the modern "internal-sftp" implementation which allows chroot (and thus provides better defense-in-dpeth in most cases). Thanks for your work! -- System Information: Debian Release: 12.0 APT prefers stable-security APT policy: (990, 'stable-security'), (990, 'stable'), (500, 'unstable-debug'), (500, 'testing-debug'), (500, 'oldstable-debug'), (500, 'unstable'), (500, 'testing'), (1, 'experimental-debug'), (1, 'experimental') Architecture: amd64 (x86_64) Foreign Architectures: i386, x32 Kernel: Linux 6.1.35-schmorp (SMP w/24 CPU threads; PREEMPT) Kernel taint flags: TAINT_PROPRIETARY_MODULE, TAINT_USER, TAINT_WARN, TAINT_OOT_MODULE, TAINT_UNSIGNED_MODULE Locale: LANG=en_IE.UTF-8, LC_CTYPE=en_IE.UTF-8 (charmap=UTF-8), LANGUAGE not set Shell: /bin/sh linked to /usr/bin/dash Init: systemd (via /run/systemd/system) LSM: AppArmor: enabled Versions of packages openssh-server depends on: ii adduser 3.134 ii debconf [debconf-2.0] 1.5.82 ii init-system-helpers 1.65.2 ii libaudit1 1:3.0.9-1 ii libc6 2.36-9 ii libcom-err2 1.47.0-2 ii libcrypt1 1:4.4.33-2 ii libgssapi-krb5-2 1.20.1-2 ii libkrb5-3 1.20.1-2 ii libpam-modules 1.5.2-6 ii libpam-runtime 1.5.2-6 ii libpam0g 1.5.2-6 ii libselinux1 3.4-1+b6 ii libssl3 3.0.9-1 ii libsystemd0 252.6-1 ii libwrap0 7.6.q-32 ii lsb-base 11.6 ii openssh-client 1:9.2p1-2 ii openssh-sftp-server 1:9.2p1-2 ii procps 2:4.0.2-3 ii runit-helper 2.15.2 ii sysvinit-utils [lsb-base] 3.06-4 ii ucf 3.0043+nmu1 ii zlib1g 1:1.2.13.dfsg-1 Versions of packages openssh-server recommends: ii libpam-systemd [logind] 252.6-1 ii ncurses-term 6.4-4 ii xauth 1:1.1.2-1 Versions of packages openssh-server suggests: pn molly-guard <none> pn monkeysphere <none> ii ssh-askpass 1:1.2.4.1-16 pn ufw <none> -- debconf information excluded