From: obrien@cs.ucdavis.edu (David E. O'Brien)
Message-Id: <9601230037.AA13736@toadflax.cs.ucdavis.edu>
Subject: Re: ssh /etc config files location..
To: ports@FreeBSD.ORG, security@FreeBSD.ORG
Date: Mon, 22 Jan 1996 16:37:20 -0800 (PST)
In-Reply-To: <199601221259.UAA04035@jhome.DIALix.COM> from "Peter Wemm" at Jan 22, 96 08:59:21 pm

> >>I am still somewhat disturbed with the location of some rather critical
> >>"per site" info from ssh in /usr/local/etc.. Specifically the ssh host
> >>secret keys, and the per-site config files.
> >
> >>This is (IMHO) rather dangerous. If you NFS mount /usr/local, this will
> >>screw you rather badly.
> >
> >>There are precedents against this too.. gated keeps its config files in
> >>/etc.
> >
> >There are precedents _for_ this, tcp_wrapper uses /usr/local/etc.

Just because the tcp wrapper's porter picked this location doesn't make it
correct. In fact, from looking at hier(7), I'd say most ports abuse lib
(where etc should be used) and man & etc (where share/* should be used).

> True, but in the most likely case of having /usr/local shared (ie: a small
> group of machines) tcp_wrapper configs are most likely to be the same
> for all the hosts anyway. However, tcp_wrapper does not need to constantly

Agreed, all most hosts w/in the same local net have the same tcp_wrappers
setup.

> write to any files in /usr/local/etc like sshd has been configured to do.

If files are written, that suggests /var is the place for them then.

> >Using NFS for /usr/local/bin/{security_binaries} is a big risk too
> >because they can be changed (like config files).
> >I don't see the point to move security-related configs to /etc
> >and _not_ to move security binaries from /usr/local.

It's a practical nature. On most of my previous sites, we read-only NFS
mounted most non-OS released files. Only admins had logins on the file
servers. Mostly because of disk space and simple administrative reasons.
I don't think you can argue that right or wrong, this is a typical practice.

> I'm not worried so much about the config files, but I am worried about the
> run-time data generated by sshd that is written to the etcdir, and I'm also
> concerned about the critical public and private host keys. sshd_config and
> ssh_config could stay in /usr/local/etc for all I care. :-)

Agreed.

-- David (obrien@cs.ucdavis.edu)