That would be one option. The ideas I had were:
- Just ignore that and assume that we know better anyway. So we just work with the main file and configure what we think is best, hoping that there is nothing we need in the redhat file.
- Add a task which runs through all files in `sshd_config.d` to remove all configuration options we set in the main config file
- Deploy all our configuration in an included file with higher priority, e.g. `/sshd_config.d/99-uos-cert.conf` which should overwrite the other includes
- either have the settings only in `/sshd_config.d/99-uos-cert.conf` and ensure that there is an include
- or have the settings in `/sshd_config.d/99-uos-cert.conf` and the main `sshd_config` so that the settings from the main file are active if there is no include
Not sure what's the best solution. Any preference or other idea?
_Originally posted by @lkiesow in https://github.com/UOS-RZ/secure_sshd/pull/10#discussion_r1666573733_