On Mon, Nov 24, 2014 at 01:57:24PM +0100, Tomas Mraz wrote: > The only remaining problem is for systems which have been installed > previously and have only root login and someone upgrades them to new > Fedora release. Here the system would be made inaccessible by the > openssh-server rpm upgrade from the old Fedora to F22. > I am afraid there is no easy solution for the problem above. The config file is marked as "noreplace". This means that it's only an issue in cases where the previous system has also never had its sshd config touched. (And suggests that a somewhat kludgey but functional workaroud would be to ensure that it _is_ touched before the install -- possibly %pre or %pretrans scripts would be sufficient.) -- Matthew Miller <mattdm@xxxxxxxxxxxxxxxxx> Fedora Project Leader -- security mailing list security@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/security
