Skip site navigation (1)Skip section navigation (2) 
Date:      Thu, 20 Jun 2013 01:29:29 +0200
From:      Miroslav Lachman <000.fbsd@quip.cz>
To:        Kimmo Paasiala <kpaasial@gmail.com>
Cc:        freebsd-stable Stable <freebsd-stable@freebsd.org>
Subject:   Re: sshd didn't run after upgrade to FreeBSD 8.4
Message-ID:  <51C23ED9.7070107@quip.cz>
In-Reply-To: <CA%2B7WWScSS16URJNQ3h1WjoXaBhG_gBn=ERb_SiCc4y%2BDhBeuKA@mail.gmail.com>
References:  <51C22E11.3020008@quip.cz> <CA%2B7WWScSS16URJNQ3h1WjoXaBhG_gBn=ERb_SiCc4y%2BDhBeuKA@mail.gmail.com>
index | next in thread | previous in thread | raw e-mail 

Kimmo Paasiala wrote:
> On Thu, Jun 20, 2013 at 1:17 AM, Miroslav Lachman<000.fbsd@quip.cz>  wrote:
>> The version of sshd in FreeBSD 8.4 is not backward compatible with older
>> version from 8.3.
>>
>> OpenSSH_5.4p1 (on FreeBSD 8.3)
>> OpenSSH_6.1p1 (on FreeBSD 8.4)
>>
>> # sshd -t
>> /etc/ssh/sshd_config line 19: Missing argument.
>>
>> On line 19, there is:
>> VersionAddendum
>>
>> It was OK in older versions. It will remove any default text appended to SSH
>> protocol banner (for example 'FreeBSD-20120901').
>>
>> On FreeBSD 8.4, there must be some string (any single character)
>>
>> I was really badly surprised that the machine was re-booted without ssh
>> access!
>>
>> I think this change is worth to mention in Release Notes
>>
>> Miroslav Lachman
>
> How did you update to 8.4? This sounds more like messing up the
> mergemaster(8)/freebsd-update merge procedure than a real problem with
> the config file.
>
> This is the source configuration file straight from SVN releng/8.4
> branch and as you can see the VersionAddendum on line 115 is commented
> out there:
>
> http://svnweb.freebsd.org/base/releng/8.4/crypto/openssh/sshd_config?view=markup

It was upgraded by freebsd-update. It was intentionally left here as it 
was valid configuration for many years.
That's why I think it should be mentioned in the Release Notes, that it 
is no longer valid configuration (empty VersionAddendum).

The fact, that it is no longer in default sshd_config file doesn't mean 
it can't be used at all. It is still valid in the form which was in old 
default config: "VersionAddendum FreeBSD-20100308", but is no longer 
valid if empty. That's the point.

(and empty VersionAddendum was widely used, it is not my invention)

Miroslav Lachman
home | help

Want to link to this message? Use this
URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?51C23ED9.7070107>