action #93832
closedaction #93829: [qe-core] default config does not permit password-login for root over ssh
[Tumbleweed][security]tls_389ds_sssd_client: ssh login for root denied
100%
Description
Observation¶
openQA test in scenario opensuse-Tumbleweed-DVD-x86_64-security_389ds_sssd_client@64bit fails in
tls_389ds_sssd_client
Test suite description¶
Maintainer: rfan1
Reproducible¶
Fails since (at least) Build 20210609 (current job)
Expected result¶
Last good: 20210607 (or more recent)
Further details¶
Always latest result in this scenario: latest
Updated by dimstar about 3 years ago
- Related to action #93829: [qe-core] default config does not permit password-login for root over ssh added
Updated by dimstar about 3 years ago
- Assignee set to rfan1
- Priority changed from Normal to High
Updated by rfan1 about 3 years ago
Thanks, I will try to fix it on TW, and will double check SLES, does SLE use the same config file "/etc/ssh/sshd_config.d/root.conf"?, I used to know "/etc/ssh/sshd_config"
-Richard.
Updated by rfan1 about 3 years ago
# Permit ssh login as root
if (is_sle){
my $results = script_run("grep 'PermitRootLogin yes' /etc/ssh/sshd_config");
if (!$results) {
assert_script_run("sed -i 's/^PermitRootLogin.*\$/PermitRootLogin yes/' /etc/ssh/sshd_config");
assert_script_run("systemctl restart sshd")
}
} else {
assert_script_run("echo 'PermitRootLogin yes' > /etc/ssh/sshd_config.d/root.conf ");
assert_script_run("systemctl restart sshd");
}
Updated by dimstar about 3 years ago
rfan1 wrote:
Thanks, I will try to fix it on TW, and will double check SLES, does SLE use the same config file "/etc/ssh/sshd_config.d/root.conf"?, I used to know "/etc/ssh/sshd_config"
-Richard.
The usage of drop-in config snippets in sshd_config.d/*.conf landed in TW just a few months ago.
As far as i can see, sale up to 15SP3, do not yet support this
Got it, thanks much
Updated by rfan1 about 3 years ago
- Subject changed from tls_389ds_sssd_client: ssh login for root denied to [Tumbleweed][security]tls_389ds_sssd_client: ssh login for root denied
Updated by rfan1 about 3 years ago
Updated by rfan1 about 3 years ago
- % Done changed from 0 to 20
- Estimated time set to 8.00 h
Updated by rfan1 about 3 years ago
Updated by rfan1 about 3 years ago
- Status changed from In Progress to Feedback
- % Done changed from 20 to 90
PR merged
Updated by rfan1 about 3 years ago
- Status changed from Feedback to Resolved
- % Done changed from 90 to 100
Tests passed in OpenQA