You are not logged in.
Pages: 1
I noticed systemd-256 installs /usr/lib/systemd/ssh_config.d/20-systemd-ssh-proxy.conf and /etc/ssh/ssh_config.d/20-systemd-ssh-proxy.con symlink.
Why do i need it? How systemd is related to ssh? How can i disable this feature?
Offline
The recent infamous xz utils backdoor may be why they did this .
https://www.freedesktop.org/software/sy … rator.html was also added iafter that incident .
Disliking systemd intensely, but not satisfied with alternatives so focusing on taming systemd.
clean chroot building not flexible enough ?
Try clean chroot manager by graysky
Offline
This ssh generator and proxy looks like something for VMs and for access sshd via sockets other than TCP.
I'm investigating another ssh issue (probably i'll create another topic if can't figure it out by myself) and curious if it may affect normal network ssh functionality. I'd prefer to disable this feature if i don't need it.
As i understand from systemd-generator manual, systemd-ssh-generator works on ssh server side and can be masked by creating /etc/systemd/system-generators/systemd-ssh-generator symlink to /dev/null manually. But systemd-ssh-proxy looks like related to ssh client, not a server.
Offline
https://bbs.archlinux.org/viewtopic.php … 7#p2178417 - does "systemd.ssh_auto=no" block it?
Offline
https://bbs.archlinux.org/viewtopic.php … 7#p2178417 - does "systemd.ssh_auto=no" block it?
I added "systemd.ssh_auto=no" to the kernel cmdline just in case. I see no difference in systemd opened descriptors with the option and without it. Maybe it has no any effect unless i use systemd containers, i don't know how to check it.
And when i don't know what something is for, what it is doing (or waiting to do) in my system, i feel like it is bloating
Regarding /etc/ssh/ssh_config.d/20-systemd-ssh-proxy.conf, i tried to replace it with symlink to /dev/null. But after systemd re-install it is overwritten back to ../../../usr/lib/systemd/ssh_config.d/20-systemd-ssh-proxy.conf
Offline
The systemd-ssh-generator changes how sshd can be started and enables starting sshd through socket activation .
Socket activation is on-demand and you are not asked whether its ok for the service to be activated.
Are you ok with sshd always being reachable on your sytem ?
Disliking systemd intensely, but not satisfied with alternatives so focusing on taming systemd.
clean chroot building not flexible enough ?
Try clean chroot manager by graysky
Offline
Are you ok with sshd always being reachable on your sytem ?
I already have sshd.service enabled and sshd running permanently for remote access to the system. But i use it from the network, not from local VMs.
Offline
Pages: 1