[Bug 1911014] Re: include-config-dir from sshd not recognized

[Jeff Abrahamson]

Running sshd with the -ddd flags to get a bit more information, I can
see that the server is including the requested file.  Indeed, server
behaviour is almost identical between the two scenarios (included or
inline) until it executes the Match statement that is the contents of my
included file or else is inlined into sshd_config.

Here is where it diverges:

On both sides, I see this in the lead-up to the divergence:

debug3: Trying to reverse map address 1.2.3.4.
debug2: parse_server_config_depth: config reprocess config len 1208
debug2: parse_server_config_depth: config 
/etc/ssh/sshd_config.d/sftp_users.conf len 182
debug3: checking match for 'Group sftp_users' user user1 host ...
debug1: user user1 matched group list sftp_users at line 1
debug3: match found

(the line number and length are different in the two cases)
At this point they diverge.  In the version that has inlined the file contents, 
I see

debug3: reprocess config:54 setting ...
debug3: reprocess config:55 setting ...
debug3: reprocess config:56 setting ...
debug3: reprocess config:57 setting ...
debug3: reprocess config:58 setting PasswordAuthentication yes
debug3: reprocess config:59 setting ...

Those config statements correspond to the contents of my Match block.
They are only processed in the inline version.  Then both versions say

debug3: auth2_setup_methods_lists: checking methods

and then again, they differ:

(include)  debug1: authentication methods list 0: publickey
(inline)   debug1: authentication methods list 0: password

And this is the point: the Match (which was found) is supposed to say
that for this class of user connecting, we should accept passwords
rather than public keys and only permit sftp.

So the result is that both versions recognise the Match condition, but
only the inlined version actually executes the Match block.

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1911014

Title:
  include-config-dir from sshd not recognized

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/rkhunter/+bug/1911014/+subscriptions

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1911014] Re: include-config-dir from sshd not recognized

[Launchpad Bug Tracker]

Status changed to 'Confirmed' because the bug affects multiple users.

** Changed in: rkhunter (Ubuntu)
   Status: New => Confirmed

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1911014

Title:
  include-config-dir from sshd not recognized

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/rkhunter/+bug/1911014/+subscriptions

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1911014] Re: include-config-dir from sshd not recognized

[Bug Watch Updater]

** Changed in: rkhunter (Debian)
   Status: Unknown => Confirmed

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1911014

Title:
  include-config-dir from sshd not recognized

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/rkhunter/+bug/1911014/+subscriptions

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1911014] Re: include-config-dir from sshd not recognized

[François Marier]

** Bug watch added: Debian Bug tracker #972192
   https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=972192

** Also affects: rkhunter (Debian) via
   https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=972192
   Importance: Unknown
   Status: Unknown

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1911014

Title:
  include-config-dir from sshd not recognized

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/rkhunter/+bug/1911014/+subscriptions

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs