ssh: T1076: make configuration volatile

Move sshd_config file to /run so it must be generated on every boot and is not stored accidently.
author: Christian Poessinger <christian@poessinger.com> 2020-08-03 18:38:55 +0200
committer: Christian Poessinger <christian@poessinger.com> 2020-08-03 18:40:06 +0200
commit: ca2ab503f42a8446175954e9e7280ecc8e75e927 (patch)
tree: ea9a118982f310815b9d690ec80d238056bd072c /src/conf_mode/ssh.py
parent: 6539f908e17c17a4a931e9638af9487e341bdcae (diff)
download: vyos-1x-ca2ab503f42a8446175954e9e7280ecc8e75e927.tar.gz
vyos-1x-ca2ab503f42a8446175954e9e7280ecc8e75e927.zip
1 files changed, 3 insertions, 1 deletions
diff --git a/src/conf_mode/ssh.py b/src/conf_mode/ssh.py
index ffb0b700d..7b262565a 100755
--- a/src/conf_mode/ssh.py
+++ b/src/conf_mode/ssh.py
@@ -28,7 +28,7 @@ from vyos.xml import defaults
 from vyos import airbag
 airbag.enable()
 
-config_file = r'/etc/ssh/sshd_config'
+config_file = r'/run/ssh/sshd_config'
 systemd_override = r'/etc/systemd/system/ssh.service.d/override.conf'
 
 def get_config():
@@ -42,6 +42,8 @@ def get_config():
     # options which we need to update into the dictionary retrived.
     default_values = defaults(base)
     ssh = dict_merge(default_values, ssh)
+    # pass config file path - used in override template
+    ssh['config_file'] = config_file
 
     return ssh
author	Christian Poessinger <christian@poessinger.com>	2020-08-03 18:38:55 +0200
committer	Christian Poessinger <christian@poessinger.com>	2020-08-03 18:40:06 +0200
commit	ca2ab503f42a8446175954e9e7280ecc8e75e927 (patch)
tree	ea9a118982f310815b9d690ec80d238056bd072c /src/conf_mode/ssh.py
parent	6539f908e17c17a4a931e9638af9487e341bdcae (diff)
download	vyos-1x-ca2ab503f42a8446175954e9e7280ecc8e75e927.tar.gz vyos-1x-ca2ab503f42a8446175954e9e7280ecc8e75e927.zip