Velvet Star Monitor

How do I check that a configuration file has been read?

Writer Mia Lopez

It seems that modifications to my /etc/ssh/sshd_config file are not picked up by the SSH daemon. For test purposes, I included a DenyUsers *, did service ssh restart, and even rebooted the whole system. But I still can ssh from remote.

How can I check that the /etc/ssh/sshd_config file gets read by sshd?

0

1 Answer

If I am not sure whether a program reads a specific config file (or in which order), I try to trace the open syscalls with strace. To do this, stop the ssh daemon. Then start it manually in the terminal with:

strace -e open -ostrace.out /usr/sbin/sshd

After it has started you should have a file in your current working directory called strace.out. In my case it looked like this (output stripped down):

open("/etc/ld.so.cache", O_RDONLY|O_CLOEXEC) = 3
...
many libraries
...
open("/proc/filesystems", O_RDONLY) = 3
open("/dev/null", O_RDWR) = 3
open("/usr/lib/ssl/openssl.cnf", O_RDONLY) = 3
open("/etc/ssh/sshd_config", O_RDONLY) = 3 <--- here sshd_config was opened
open("/dev/urandom", O_RDONLY|O_NOCTTY|O_NONBLOCK) = 3
open("/etc/gai.conf", O_RDONLY|O_CLOEXEC) = 3
open("/etc/nsswitch.conf", O_RDONLY|O_CLOEXEC) = 3
open("/etc/ld.so.cache", O_RDONLY|O_CLOEXEC) = 3
...
open("/etc/passwd", O_RDONLY|O_CLOEXEC) = 3
...
ssh keys
...
open("/etc/ssh/blacklist.ECDSA-256", O_RDONLY) = -1 ENOENT (No such file or directory)

With this test I can make sure sshd reads my /etc/ssh/sshd_config. In the last entry you can see that this file is not found on my system (-1).

1
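The strace.out produced above can be checked mechanically instead of by eye. The following is an added example, not part of the original answer: the function names and the sample trace are constructed for illustration, and it goes slightly beyond the answer by also accepting openat lines (which newer glibc versions issue instead of open) and the PID column that strace -f adds.

```shell
#!/bin/sh
# Added example: classify how a traced process treated one path.
# Usage: config_open_status TRACE_FILE PATH
# Prints one of: "opened", "failed <ERRNO>", "not-attempted".
config_open_status() {
    trace=$1
    path=$2
    awk -v want="$path" '
        # open("p", ...) or openat(AT_FDCWD, "p", ...), optionally
        # preceded by a PID column.
        /(^|[ \t])(open|openat)\(/ {
            # The first double-quoted string on the line is the path.
            if (match($0, /"[^"]*"/) == 0) next
            p = substr($0, RSTART + 1, RLENGTH - 2)
            if (p != want) next
            # The return value follows the last " = "; lines without
            # one (e.g. "<unfinished ...>") carry no result yet.
            n = split($0, parts, / = /)
            if (n < 2) next
            ret = parts[n]
            if (ret ~ /^-1/) { split(ret, f, " "); last = "failed " f[2] }
            else if (ret ~ /^[0-9]+/) { ok = 1 }
        }
        END {
            # One successful open is enough to say the file was read.
            if (ok) print "opened"
            else if (last != "") print last
            else print "not-attempted"
        }' "$trace"
}

# Constructed sample trace, written to the file named in $1.
write_sample_trace() {
    cat > "$1" <<'EOF'
open("/etc/ld.so.cache", O_RDONLY|O_CLOEXEC) = 3
openat(AT_FDCWD, "/etc/ssh/sshd_config", O_RDONLY) = 3
1234 open("/etc/passwd", O_RDONLY|O_CLOEXEC) = 3
1234 open("/etc/gai.conf", O_RDONLY|O_CLOEXEC <unfinished ...>
open("/etc/ssh/blacklist.ECDSA-256", O_RDONLY) = -1 ENOENT (No such file or directory)
EOF
}
```

A result of "not-attempted" for the config path means the daemon never tried that file, which points at a different config path or a different binary being started; "failed EACCES" or "failed ENOENT" points at permissions or a wrong location.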
