• Important: We recently upgraded our forum software - please let us know if you run into any issues.

Linux server boot issue suspected due to incorrect sshd_config configuration

Adesh Hambir

New Member
Recently one of our linux server in the cloud was not coming up after reboot. When we checked with vendor, he said it may be due to sshd_config file not configured properly. There was also file system corruption issue during that time. We are not sure if it was really a file system corruption issue or sshd_config file misconfiguration issue which made server unbootable.
The sshd_config file was configured as below:
AllowUsers user1 user2 user3 user4 user5
AllowUsers user6 user7
AllowUsers user8
AllowUsers user9
As per the vendor there can't be multiple entries for AllowUsers so the entries for user6 user7 user8 user9 are invalid.
AllowUsers user6 user7
AllowUsers user8
AllowUsers user9
I went though some blogs including Red-hat https://access.redhat.com/discussions/3872831 but it’s not clear from anywhere whether this is a correct configuration or not. Also, is there any way if sshd_config configuration can be validated?
 


TechnoJunky

Active Member
From what I've read it needs to be 1 line, spaces between. Another option is to create a group and then use allowgroups instead of allowusers. This might be easier to maintain as well.
 

kenJackson

Member
From man sshd_config, "For each keyword, the first obtained value will be used."

So the vendor is correct. Only the first line is valid.

I don't know if there's a way to do a static test, but just now as a test, I added a junk entry in my /etc/ssh/sshd_config file and ran "systemctl restart sshd". It failed and reported an error which I can see with "journalctl": "Bad configuration option."

But when I tried again with a repeated valid option, there was no error. Maybe you need to set the "LogLevel" keyword to "Verbose."
 

Members online


Top