I think doing the opposite is better usually, never making changes to the main /... | Hacker News

Hacker Newsnew | past | comments | ask | show | jobs | submit

		zokier 10 months ago \| parent \| context \| favorite \| on: A terrible way to jump into colocating your own st... I think doing the opposite is better usually, never making changes to the main /etc/ssh/sshd_config and always add your own customizations to /etc/ssh/sshd_config.d/; that way you have clear separation of your own and distro configs, which makes life easier especially when upgrading sshd. Although I'll readily admit that I don't myself follow that advise all the time.

xyse53 10 months ago [–]

This. And give your drop-in a prefix like 00-*.conf.

Fwiw I don't think SSH adds the include line upstream. Most distros add it now.

jgalt212 10 months ago | [–]

Yes. I had a hard time figuring out if a low numbered prefix got final say, or the high numbered one.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact