Modify sshd configuration


I modified the file /usr/etc/ssh/sshd_config before I read the line:

# Don't edit this configuration file itself if possible to avoid update
# problems.

I rolled back the changes using snapper with undochange and created the file /usr/etc/ssh/sshd_config.d/sshd_config.conf with the changes I wanted to make. However, the stat command still shows that I modified the /usr/etc/ssh/sshd_config file.

I’m new to linux, and I wanted to ask whether this could cause problems with future updates?

I don’t know about the stat issue with the changed file, but you should be putting your local changes in /etc/ssh/sshd_config.d/foo.conf

/etc is for local changes
/usr/etc is where the defaults go

It probably works fine, as there isn’t an RPM providing /usr/etc/ssh/sshd_config.d/sshd_config.conf so it won’t get overwritten on update, but if you modify anything in /usr/etc that is provided by a package, it will get overwritten.

1 Like

That’s because undochange just copies a file over. You might force install openssh-server to replace this copy. Check for *.{rpmsave,rpmnew} on that directory. I like to use sudo rpmconf -a (from the same named package) to see a diff or pick the maintainer version of files.

1 Like

Thank you for your help. If anyone should have the same question as I had, here is the documentation:

I’ll try that :+1:

sudo zypper install --force openssh-server

It worked as far as I can tell.

To avoid such embarrassments in the future, always first make a copy of an installed configuration file before you change it:

cp some.conf some.conf-save

or the like.

1 Like