| Summary: | sshd -T does not work with Match, shows empty result [regression 7.2p1-7.9p1] | ||
|---|---|---|---|
| Product: | Base System | Reporter: | Miroslav Lachman <000.fbsd> |
| Component: | bin | Assignee: | freebsd-bugs (Nobody) <bugs> |
| Status: | New --- | ||
| Severity: | Affects Some People | CC: | emaste |
| Priority: | --- | ||
| Version: | 12.2-RELEASE | ||
| Hardware: | Any | ||
| OS: | Any | ||
Any progress on this annoying regression? |
I don't know if this should be considered as bug or "just changed behavior" but it is annoying. sshd -T works in FreeBSD 11.4 (OpenSSH_7.5) and prints details about current configuration but it does not work with the same configuration file in FreeBSD 12.2 (OpenSSH_7.9). # sshd -T 'Match Group' in configuration but 'user' not in connection test specification. Once I have any "Match" in sshd_config then sshd -T does not work. It needs additional -C user=fakeuser to print configuration. (I just needed to view supported ciphers) You can try it with default sshd_config and add something like this: Match group sftponly ChrootDirectory %h ...or just ucomment the section "Match User anoncvs". I think sshd -T should still work without -C as it was in older versions and print configuration for any non-matched criteria.