From owner-freebsd-stable@FreeBSD.ORG Wed Jun 19 23:32:01 2013 Return-Path: Delivered-To: freebsd-stable@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) by hub.freebsd.org (Postfix) with ESMTP id 5CC842E6 for ; Wed, 19 Jun 2013 23:32:01 +0000 (UTC) (envelope-from kpaasial@gmail.com) Received: from mail-qc0-x233.google.com (mail-qc0-x233.google.com [IPv6:2607:f8b0:400d:c01::233]) by mx1.freebsd.org (Postfix) with ESMTP id 2507F1737 for ; Wed, 19 Jun 2013 23:32:01 +0000 (UTC) Received: by mail-qc0-f179.google.com with SMTP id e11so3386636qcx.38 for ; Wed, 19 Jun 2013 16:32:00 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type; bh=SrgHYUswqKPtFtnV/reCa9CgIK0ZxqUz7yjEZPSh4QQ=; b=KQYYg/nfzQ64MLnHKycIpF+dgJW9byJlLorvZRp0BNxATqSNCVD5eI57nE91refgWs +moproI/de/NiN56zNu1FcAi5pBPpYF6MfpV6j8LKvYYwY+xDWq4eQtB5djjfC0/nLdu 56aMZChKCozY3t+vS37hQ9YU+ITFC6AMCeoVrMJxpdsGjzse7At5cXLnBsM6+sVY6URt 0rSWmR57geTtVXs2aQeO5mzfkGpu59mQQPXuBzlX55G1g5rcHt4PuJZetQ43dKvEwSqV ZGAGMPwYyZu9xmc1+X9ufGhRpwvn6LL9MIgbXughYnrHO4E2/ai4p9nyr1U0gMaCF61M P0Zw== MIME-Version: 1.0 X-Received: by 10.229.177.10 with SMTP id bg10mr1916876qcb.135.1371684720564; Wed, 19 Jun 2013 16:32:00 -0700 (PDT) Received: by 10.224.182.148 with HTTP; Wed, 19 Jun 2013 16:32:00 -0700 (PDT) In-Reply-To: <51C23ED9.7070107@quip.cz> References: <51C22E11.3020008@quip.cz> <51C23ED9.7070107@quip.cz> Date: Thu, 20 Jun 2013 02:32:00 +0300 Message-ID: Subject: Re: sshd didn't run after upgrade to FreeBSD 8.4 From: Kimmo Paasiala To: Miroslav Lachman <000.fbsd@quip.cz> Content-Type: text/plain; charset=UTF-8 Cc: freebsd-stable Stable X-BeenThere: freebsd-stable@freebsd.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: Production branch of FreeBSD source code List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 19 Jun 2013 23:32:01 -0000 On Thu, Jun 20, 2013 at 2:29 AM, Miroslav Lachman <000.fbsd@quip.cz> wrote: > Kimmo Paasiala wrote: >> >> On Thu, Jun 20, 2013 at 1:17 AM, Miroslav Lachman<000.fbsd@quip.cz> >> wrote: >>> >>> The version of sshd in FreeBSD 8.4 is not backward compatible with older >>> version from 8.3. >>> >>> OpenSSH_5.4p1 (on FreeBSD 8.3) >>> OpenSSH_6.1p1 (on FreeBSD 8.4) >>> >>> # sshd -t >>> /etc/ssh/sshd_config line 19: Missing argument. >>> >>> On line 19, there is: >>> VersionAddendum >>> >>> It was OK in older versions. It will remove any default text appended to >>> SSH >>> protocol banner (for example 'FreeBSD-20120901'). >>> >>> On FreeBSD 8.4, there must be some string (any single character) >>> >>> I was really badly surprised that the machine was re-booted without ssh >>> access! >>> >>> I think this change is worth to mention in Release Notes >>> >>> Miroslav Lachman >> >> >> How did you update to 8.4? This sounds more like messing up the >> mergemaster(8)/freebsd-update merge procedure than a real problem with >> the config file. >> >> This is the source configuration file straight from SVN releng/8.4 >> branch and as you can see the VersionAddendum on line 115 is commented >> out there: >> >> >> http://svnweb.freebsd.org/base/releng/8.4/crypto/openssh/sshd_config?view=markup > > > It was upgraded by freebsd-update. It was intentionally left here as it was > valid configuration for many years. > That's why I think it should be mentioned in the Release Notes, that it is > no longer valid configuration (empty VersionAddendum). > > The fact, that it is no longer in default sshd_config file doesn't mean it > can't be used at all. It is still valid in the form which was in old default > config: "VersionAddendum FreeBSD-20100308", but is no longer valid if empty. > That's the point. > > (and empty VersionAddendum was widely used, it is not my invention) > > Miroslav Lachman You're missing my point totally. The line is commented out in the official source of 8.4 and there for I have very hard time believing that it would show up uncommented on a fresh 8.4 installation. -Kimmo