iredmail / iRedMail

Full-featured, open source mail server solution for mainstream Linux/BSD distributions.
https://www.iredmail.org/
GNU General Public License v3.0

What if SSHD_PORT is changed and not 22 by default? #261

Open malsony opened 3 weeks ago

malsony commented 3 weeks ago

In line 103 of /functions/cleanup.sh, the script asks:

"File: /etc/nftables.conf, with SSHD ports: 22. [Y|n]"

Because I have changed the default port number of sshd by adding an extra line in /etc/ssh/sshd_config.d/60-cloudimg-settings.conf, I am not sure whether I should type the port number or just "n". I tried "n", but the script took it for granted that I did not want to update the firewall rules.

Later I traced back through the source code and realized that the SSHD port is detected in /conf/global, from line 637. I suggest the detector use another way to get the port number of sshd.

REQUIRED BASIC INFO OF YOUR IREDMAIL SERVER:

malsony commented 3 weeks ago

As a temporary workaround, I added some lines to /conf/global:

Add as line 639: export SSHD_SUPPLIMENTAL_CONFIG='/etc/ssh/sshd_config.d/60-cloudimg-settings.conf'

Add a block from line 645:

# Fall back to the supplemental snippet when SSHD_PORT is still empty after
# the default detection. head/tail pick the first and last "Port" lines of
# that file, so with a single Port line both variables hold the same value.
if [ X"${SSHD_PORT}" == X'' ]; then
    export SSHD_PORT="$(awk '/^Port/ {print $2}' ${SSHD_SUPPLIMENTAL_CONFIG} | head -1)"
    export SSHD_PORT2="$(awk '/^Port/ {print $2}' ${SSHD_SUPPLIMENTAL_CONFIG} | tail -1)"
fi

iredmail commented 3 weeks ago

"File: /etc/nftables.conf, with SSHD ports: 22. [Y|n]"

You can answer "Y" here; it will copy the prepared firewall rules. Then it asks whether to restart the firewall right now; choose "N" there so that you can update the firewall rules with the correct port number.

The iRedMail installer checks the file /etc/ssh/sshd_config by default, so if you changed the port in a file under /etc/ssh/sshd_config.d/, it won't be detected by the installer. If I remember correctly, old OpenSSH doesn't support loading config snippets, and I forgot to update this for recent Linux/BSD distros. I will try to fix it in a later release, but there is no plan for it shortly, sorry. I'm busy working on iRedMail Enterprise Edition: https://www.iredmail.org/ee.html
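A port detector that covers the case raised in this thread, added here as an example and not code from iRedMail or from either commenter: instead of grepping one file (the installer's /etc/ssh/sshd_config check) or one hand-picked snippet (the workaround above), it starts at the top-level sshd_config and follows every Include directive the way OpenSSH does (in-place expansion, glob patterns, relative paths resolved against the config directory), collecting every Port value because Port is a cumulative directive. The function names, the SSHD_CONFIG_DIR variable and the config tree built under a temporary directory are all invented for the demonstration.

```shell
#!/usr/bin/env bash
# Added example, not iRedMail code: list the ports sshd will actually listen
# on by reading the top-level sshd_config and following its Include
# directives, instead of grepping a single file.
# Assumed OpenSSH semantics: Include expands in place, accepts globs and
# resolves relative paths against the config directory (/etc/ssh by default);
# Port may appear several times and every occurrence counts.
set -u
set -f   # no pathname expansion while word-splitting config lines

SSHD_CONFIG_DIR="${SSHD_CONFIG_DIR:-/etc/ssh}"

# Walk one config file, printing each Port value and recursing into the
# files named by Include. $1 = file, $2 = current include depth (loop guard).
_collect_ports() {
    local cfg="$1" depth="$2" line pat f
    [ -f "$cfg" ] || return 0
    if [ "$depth" -gt 16 ]; then
        echo "include nesting too deep at $cfg" >&2
        return 0
    fi
    while IFS= read -r line || [ -n "$line" ]; do
        line="${line%%#*}"          # drop comments
        set -- $line                # word-split; globbing is off (set -f)
        [ $# -ge 2 ] || continue    # blank line or keyword without a value
        case "$1" in
            [Pp][Oo][Rr][Tt])
                printf '%s\n' "$2"
                ;;
            [Ii][Nn][Cc][Ll][Uu][Dd][Ee])
                shift
                for pat in "$@"; do
                    case "$pat" in
                        /*) ;;
                        *) pat="$SSHD_CONFIG_DIR/$pat" ;;
                    esac
                    set +f          # expand the pattern as sshd would
                    for f in $pat; do
                        set -f
                        _collect_ports "$f" $((depth + 1))
                    done
                    set -f
                done
                ;;
            [Mm][Aa][Tt][Cc][Hh])
                # Port is not allowed inside a Match block, so nothing after
                # the first Match line of this file can add one.
                return 0
                ;;
        esac
    done < "$cfg"
}

# Entry point: prints the effective listen ports, one per line, deduplicated
# in the order sshd reads them; prints 22 (the OpenSSH default) when no Port
# directive appears anywhere.
sshd_effective_ports() {
    local ports
    ports="$(_collect_ports "$1" 0 | awk '!seen[$0]++')"
    if [ -n "$ports" ]; then
        printf '%s\n' "$ports"
    else
        printf '22\n'
    fi
}

# ---- demonstration on a constructed config tree (not a real system) ----
demo_dir="$(mktemp -d)"
trap 'rm -rf "$demo_dir"' EXIT
mkdir -p "$demo_dir/sshd_config.d"
cat > "$demo_dir/sshd_config" <<'EOF'
# Ubuntu-style layout: snippets are pulled in before anything else
Include sshd_config.d/*.conf
#Port 22
PermitRootLogin prohibit-password
Match User backup
    PasswordAuthentication no
EOF
cat > "$demo_dir/sshd_config.d/50-extra-port.conf" <<'EOF'
Port 2200
EOF
cat > "$demo_dir/sshd_config.d/60-cloudimg-settings.conf" <<'EOF'
PasswordAuthentication no
Port 2222
EOF
printf 'PermitRootLogin no\n' > "$demo_dir/no_port.conf"

SSHD_CONFIG_DIR="$demo_dir"
echo "effective ports:"
sshd_effective_ports "$demo_dir/sshd_config"    # 2200 then 2222
echo "fallback when no Port is set:"
sshd_effective_ports "$demo_dir/no_port.conf"   # 22
```

On a real host, run it as root with SSHD_CONFIG_DIR left at its default and pass /etc/ssh/sshd_config; the result is what the firewall rules need to allow before you answer the installer's restart prompt. Two caveats: a ListenAddress directive that carries its own port (host:port) also opens a listener and is not covered here, and the authoritative answer is always `sshd -T | awk '$1 == "port" {print $2}'`, which prints the effective configuration after sshd itself has processed all includes.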