Date: Thu, 20 Jun 2013 00:40:48 +0100 From: "Steven Hartland" <killing@multiplay.co.uk> To: "Kimmo Paasiala" <kpaasial@gmail.com>, "Miroslav Lachman" <000.fbsd@quip.cz> Cc: freebsd-stable Stable <freebsd-stable@freebsd.org> Subject: Re: sshd didn't run after upgrade to FreeBSD 8.4 Message-ID: <FB3070EFDC484C75AB519EA00A237D3E@multiplay.co.uk> References: <51C22E11.3020008@quip.cz> <CA%2B7WWScSS16URJNQ3h1WjoXaBhG_gBn=ERb_SiCc4y%2BDhBeuKA@mail.gmail.com> <51C23ED9.7070107@quip.cz> <CA%2B7WWSfwXOh_g1hi-5C=hG8NRepNC1NzZjqscQdtqB=fGN2dWg@mail.gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
----- Original Message ----- From: "Kimmo Paasiala" <kpaasial@gmail.com> To: "Miroslav Lachman" <000.fbsd@quip.cz> Cc: "freebsd-stable Stable" <freebsd-stable@freebsd.org> Sent: Thursday, June 20, 2013 12:32 AM Subject: Re: sshd didn't run after upgrade to FreeBSD 8.4 > On Thu, Jun 20, 2013 at 2:29 AM, Miroslav Lachman <000.fbsd@quip.cz> wrote: >> Kimmo Paasiala wrote: >>> >>> On Thu, Jun 20, 2013 at 1:17 AM, Miroslav Lachman<000.fbsd@quip.cz> >>> wrote: >>>> >>>> The version of sshd in FreeBSD 8.4 is not backward compatible with older >>>> version from 8.3. >>>> >>>> OpenSSH_5.4p1 (on FreeBSD 8.3) >>>> OpenSSH_6.1p1 (on FreeBSD 8.4) >>>> >>>> # sshd -t >>>> /etc/ssh/sshd_config line 19: Missing argument. >>>> >>>> On line 19, there is: >>>> VersionAddendum >>>> >>>> It was OK in older versions. It will remove any default text appended to >>>> SSH >>>> protocol banner (for example 'FreeBSD-20120901'). >>>> >>>> On FreeBSD 8.4, there must be some string (any single character) >>>> >>>> I was really badly surprised that the machine was re-booted without ssh >>>> access! >>>> >>>> I think this change is worth to mention in Release Notes >>>> >>>> Miroslav Lachman >>> >>> >>> How did you update to 8.4? This sounds more like messing up the >>> mergemaster(8)/freebsd-update merge procedure than a real problem with >>> the config file. >>> >>> This is the source configuration file straight from SVN releng/8.4 >>> branch and as you can see the VersionAddendum on line 115 is commented >>> out there: >>> >>> >>> http://svnweb.freebsd.org/base/releng/8.4/crypto/openssh/sshd_config?view=markup >> >> >> It was upgraded by freebsd-update. It was intentionally left here as it was >> valid configuration for many years. >> That's why I think it should be mentioned in the Release Notes, that it is >> no longer valid configuration (empty VersionAddendum). >> >> The fact, that it is no longer in default sshd_config file doesn't mean it >> can't be used at all. It is still valid in the form which was in old default >> config: "VersionAddendum FreeBSD-20100308", but is no longer valid if empty. >> That's the point. >> >> (and empty VersionAddendum was widely used, it is not my invention) >> >> Miroslav Lachman > > > You're missing my point totally. The line is commented out in the > official source of 8.4 and there for I have very hard time believing > that it would show up uncommented on a fresh 8.4 installation. I believe Miroslav is saying he left his old but previously working sshd_config as was when updating, so its a change to the code which now fails on an empty VersionAddendum, where it previously didn't hence the problem. Regards Steve ================================================ This e.mail is private and confidential between Multiplay (UK) Ltd. and the person or entity to whom it is addressed. In the event of misdirection, the recipient is prohibited from using, copying, printing or otherwise disseminating it or any information contained in it. In the event of misdirection, illegible or incomplete transmission please telephone +44 845 868 1337 or return the E.mail to postmaster@multiplay.co.uk.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?FB3070EFDC484C75AB519EA00A237D3E>