security problem ?

[duke28]

if one user have added one ssh key

if the user has been suspended, the user can again login ssh with the ssh key

we use the /etc/ssh/sshd_config.plecibo .. is it the problem ?

sorry again for my english lol

 

[scriptkitty]

You can confirm if changes are being made to the placebo sshd_config or the original sshd_config by running 'stat' on the files, logging the timestamps, unsuspending and quickly suspending the user again. Then again run stat on the files and see which was modified. If the original was modified, then the placebo sshd_config would need to be manually modified or modified via post hooks like described in the following:

https://forum.directadmin.com/threads/sshd_config-match-user-conflicts-with-allowusers.51787/

 

[smtalk]

It has a fix for this in pre-release: https://directadmin.com/features.php?id=2952

 

[factor]

I love learning please tell me what a placebo sshd_config is?

 

[scriptkitty]

I love learning please tell me what a placebo sshd_config is?

Looks like a way to create a dummy sshd config for DA to make changes to so that you can use a different SSHd file if your desired SSHd config conflicts with changes that DA adds (I had to search it myself! ):

https://forum.directadmin.com/threads/sshd_config-match-user-conflicts-with-allowusers.51787/

 

[duke28]

we use that because "Starting sshd: /etc/ssh/sshd_config line 371: too many allow users"

https://help.directadmin.com/item.php?id=168

we have so many users on many servers

 

[factor]

we use that because "Starting sshd: /etc/ssh/sshd_config line 371: too many allow users"

https://help.directadmin.com/item.php?id=168

we have so many users on many servers

Looks like a way to create a dummy sshd config for DA to make changes to so that you can use a different SSHd file if your desired SSHd config conflicts with changes that DA adds (I had to search it myself! ):

https://forum.directadmin.com/threads/sshd_config-match-user-conflicts-with-allowusers.51787/

Thanks