From: Stefan Schantl <stefan.schantl@ipfire.org>
Date: Sat, 7 Dec 2024 15:03:59 +0000 (+0100)
Subject: openssh: Introduce include directory for additional sshd config files
X-Git-Tag: v2.29-core190~7
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=1a4d5cfd92bb1f52e6670399ef94a36fe97cdf6a;p=ipfire-2.x.git

openssh: Introduce include directory for additional sshd config files

This patch adds the prosibility to place additional *.config files in /etc/ssh/sshd_config.d/
which will be included and loaded during the daemon startup process.

Because this files will not be overwritten by any update, they can be used to place custom
or other persistent settings.

Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
---

diff --git a/config/rootfiles/common/openssh b/config/rootfiles/common/openssh
index f7b479f551..d256513485 100644
--- a/config/rootfiles/common/openssh
+++ b/config/rootfiles/common/openssh
@@ -8,6 +8,7 @@ etc/ssh/ssh_config
 #etc/ssh/ssh_host_rsa_key
 #etc/ssh/ssh_host_rsa_key.pub
 etc/ssh/sshd_config
+etc/ssh/sshd_config.d
 usr/bin/scp
 usr/bin/sftp
 usr/bin/ssh
diff --git a/config/ssh/sshd_config b/config/ssh/sshd_config
index e338f8cef5..ce74cb8510 100644
--- a/config/ssh/sshd_config
+++ b/config/ssh/sshd_config
@@ -57,4 +57,7 @@ TCPKeepAlive no
 # Add support for SFTP
 Subsystem	sftp	/usr/lib/openssh/sftp-server
 
+# Include additional sshd config files.
+Include /etc/ssh/sshd_config.d/*.conf
+
 # EOF
diff --git a/lfs/openssh b/lfs/openssh
index c14c8267cf..b1c9a1635e 100644
--- a/lfs/openssh
+++ b/lfs/openssh
@@ -91,5 +91,9 @@ $(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects))
 	install -v -m 644 $(DIR_SRC)/config/ssh/ssh_config \
 		/etc/ssh/ssh_config
 
+	# Create directory for additional config
+	# config files.
+	mkdir -pv /etc/ssh/sshd_config.d/
+
 	@rm -rf $(DIR_APP)
 	@$(POSTBUILD)