Can we please change: Include /etc/ssh/sshd_config.d/*conf
To: Include /run/ssh/sshd_config.d/*conf Include /etc/ssh/sshd_config.d/*conf Include /lib/ssh/sshd_config.d/*conf ? This will help us achieving the goal of emptier /etc, allow baking "image" configs in /lib, have user overrides in /etc, and allow initrd/runtime configs in /run. This follows the principle of separating different configs (transient, user-overrides, persistent/defaults) as is becoming popular in many projects. Also, does it mean we could potentially move all of the package default /etc/ssh/sshd_config to /usr/lib ? which includes /etc/ssh/sshd_config ? Something like: /lib/ssh/sshd_config would then have Include /run/ssh/sshd_config.d/* Include /etc/ssh/sshd_config.d/* Include /etc/ssh/sshd_config Include /lib/ssh/sshd_config.d/* <all other defaults> It would be nice if /etc/ssh only had the host keys, and no other default options. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1873528 Title: sshd overrides from /etc/ssh/sshd_config.d/*conf apply in reverse lexographic order To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/openssh/+bug/1873528/+subscriptions -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
