Open laurentL opened 4 years ago
@laurentL Apologies for the delay, just a quick response here.
UsePrivilegeSeparation
for the time being.As for the longer term, then we can look at how to remove it without affecting those using older versions of OpenSSH.
UsePrivilegeSeparation
has been an opt-in for quite some time now. https://github.com/saltstack-formulas/openssh-formula/blob/3d2442f3c6eb4ebb46fad8f933d2b5b5b3e6d9e3/openssh/files/default/sshd_config#L90
Unless the administrator explicitly enables it, there is no impact at all.
I agree that we could just remove UsePrivilegeSeparation
from this formula.
If existing Pillar data requires it, It will still work via https://github.com/saltstack-formulas/openssh-formula/blob/3d2442f3c6eb4ebb46fad8f933d2b5b5b3e6d9e3/openssh/files/default/sshd_config#L204.
I opened a PR.
Hi, https://www.openssh.com/releasenotes.html OpenSSH 7.5/7.5p1 (2017-03-20) This release includes a number of changes that may affect existing configurations:
UsePrivilegeSeparation must be remove, Impact: impossible to start sshd