Bug#1080174: systemd: 20-systemd-ssh-proxy.conf cannot be customised or removed

Luca Boccassi bluca at debian.org
Tue Oct 8 22:00:34 BST 2024


Control: tags -1 wontfix
Control: close -1

On Sat, 31 Aug 2024 04:32:30 +0200 Christoph Anton Mitterer
<calestyo at scientia.org> wrote:
> Package: systemd
> Version: 256.5-1
> Severity: important
> 
> 
> Hey.
> 
> I think since version 256 there's systemd-ssh-generator and friends
> including /etc/ssh/ssh_config.d/20-systemd-ssh-proxy.conf which is a
> non-conffile that is a symlink to:
> /usr/lib/systemd/ssh_config.d/20-systemd-ssh-proxy.conf
> 
> as such, it cannot be modified by the user or removed, as it will be
> re-installed on upgrade (and there even overwriting any manually created
> 20-systemd-ssh-proxy.conf that is not a symlink).
> 
> I don't think this should happen, and wouldn't be too surprised if it
> was a policy violation (though too lazy to check ^^).

It is most certainly not. This is necessary to ensure ssh via
vsock/afunix works out of the box. You can set up a local dpkg
diversion if you want to.

> btw: It also seems a really bad thing to set:
>         StrictHostKeyChecking no
>         UserKnownHostsFile /dev/null
> which AFAICS are not suggested by systemd-ssh-proxy(1) either.
> 
> `StrictHostKeyChecking no` unconditionally adds keys to known_hosts,
> which just invites for subtle means to exploit it (social engineering, etc.).

This is restricted to vsock/afunix, so there's no such risk:

Host unix/* vsock/*
<...>
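To see how far the relaxed settings actually reach, here is an added Python model of OpenSSH's `Host` matching and first-value-wins precedence (example code, not from this bug report or from systemd). The drop-in text is a constructed stand-in that reproduces only the directives quoted above, and USER_CFG is a hypothetical ~/.ssh/config; because the user file is parsed before /etc/ssh/ssh_config, it overrides the drop-in without the drop-in being edited or removed.

```python
import fnmatch
from typing import Optional

# Constructed stand-in for 20-systemd-ssh-proxy.conf: only the directives
# quoted in the report are reproduced; the rest of the real file is omitted.
SYSTEMD_DROPIN = """
Host unix/* vsock/*
    StrictHostKeyChecking no
    UserKnownHostsFile /dev/null
"""

# Hypothetical ~/.ssh/config; it is parsed before the system-wide config.
USER_CFG = """
Host vsock/*
    StrictHostKeyChecking accept-new
"""

def _host_matches(host: str, patterns: list[str]) -> bool:
    """OpenSSH 'Host' semantics: case-insensitive globs where '*' also
    spans '/', and a matching '!pattern' vetoes the whole line."""
    h = host.lower()
    matched = False
    for pat in patterns:
        if fnmatch.fnmatchcase(h, pat.lstrip("!").lower()):
            if pat.startswith("!"):
                return False
            matched = True
    return matched

def effective_option(configs: list[str], host: str, key: str) -> Optional[str]:
    """Value OpenSSH would use for `key` when the command line names `host`,
    given config texts in parse order: the first value obtained wins, and
    None means the client's built-in default applies ('ask' for
    StrictHostKeyChecking). 'Match' blocks and 'Key=value' are not modelled."""
    for text in configs:
        active = True  # directives before any Host line apply to every host
        for raw in text.splitlines():
            line = raw.split("#", 1)[0].strip()
            if not line:
                continue
            k, _, rest = line.partition(" ")
            if k.lower() == "host":
                active = _host_matches(host, rest.split())
            elif active and k.lower() == key.lower():
                return rest.strip()
    return None

if __name__ == "__main__":
    for h in ("vsock/4711", "unix/run/x.sock", "bastion.example"):
        print(h, effective_option([USER_CFG, SYSTEMD_DROPIN], h, "StrictHostKeyChecking"))
```

On a real system, `ssh -G vsock/4711` and `ssh -G bastion.example` print the options the client would actually apply, which is the authoritative check.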
