What is the current recommended way to configure sshd on ubuntu core? We have some settings that we need sshd to apply on startup and potentially change during runtime.
Is there anything on your backlog to set configuration through snapd system options perhaps?
Thanks @ogra I am aware of these settings, but they are not what I want.
Let’s say you had to do some ssh configuration beyond these 2 settings, how would you do it? Is there a best practice? Or will snapcraft in future introduce a way to be able to configure ssh?
You could perhaps try to create an sshd snap (not sure there are sufficient interfaces to get this working though, you got to try) and completely disable the one on the system …
and alternatively you could open a PR to snapd to support actual options to be added to the system for setting sshd configs, but that will likely be a long winded process to get it past the architects …
Hi, have the same issue after https://terrapin-attack.com/. Need to configure the ciphers (and possibly other security settings) and then reload sshd on Core 16 and 20 devices. Manual configuration via root user is possible, but doesn’t scale to 1000s of devices.
Not all devices have a gadget snap we control, so can’t use that to add the file to the writable partition.
Did anyone find a solution or manage to roll their own sshd snap?
Well we are still waiting on newer core version for the Dell Gateway 3002 for the past two months. As this is an exposed network service I want to be able to control it myself and adhere to security requirements and SLAs.