SSH restart does not work on RHEL7
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
cloud-init |
Fix Released
|
Medium
|
Unassigned |
Bug Description
As part of cc_set_passwords.py - SSH is restarted when sshd_config changes are made by cloud-init
However on RHEL7, the ssh service is named "sshd" not "ssh" - "ssh" is the default in the code...
##
config/
##
There is no override for this for RHEL currently, unlike on Arch and Gentoo
#
distros/arch.py: cfg['ssh_svcname'] = 'sshd'
distros/gentoo.py: cfg['ssh_svcname'] = '/etc/init.d/sshd'
#
Fix should be added to
#
distros/rhel.py
#
Something like...
#
class Distro(
....
def __init__(self, name, cfg, paths):
....
#
I've tagged this as a security vulnerability, as it left internet accessible VMs with password based SSH enabled, and got a system compromised.
regards
James M
information type: | Private Security → Public Security |
Changed in cloud-init: | |
status: | New → Confirmed |
importance: | Undecided → Medium |
Changed in cloud-init: | |
status: | Confirmed → Fix Committed |
From the cloud-init log.
Jul 1 09:08:53 localhost cloud-init: 2015-07-01 09:08:53,012 - util.py[WARNING]: Restarting of the ssh daemon failed