1

I'm testing an instance of CopSSH on my local machine to get ready to implement an SSH server that will allow our development team to start using Mercurial over SSH. The CopSSH control panel is a useful GUI to the SSH configuration, but it inserts a ForceCommand directive, depending on what kind of shell access the user is given. Unfortunately, this breaks remote commands.

I can easily edit sshd_config manually, and everything works great. But if I start up the CopSSH control panel at any time, it overwrites the config file, inserting ForceCommand and causing problems.

Is there a way to stop the control panel from doing this? Is there a backup 'default' of sshd_config that it uses to overwrite the current one, or is it hard coded an unchangeable?

voithos
  • 113
  • 5

2 Answers2

1

I don't have a definitive answer, but I have spend a fair amount of time searching on this issue. AFAIK, if you use the CopSSH control panel, then you cannot manually edit the sshd_config. It does not appear to use a template that would allow you to make changes that would be used by the control panel.

So basically you have to accept what the CopSSH control panel does for you, or manually maintain your accounts, and all the configuration.

Zoredache
  • 128,755
  • 40
  • 271
  • 413
  • I thought so. I honestly don't mind maintaining the config file manually (I use Linux at home, so I'm fairly comfortable with configuration files), but it would be unfortunate if someone was looking around in the server and could botch up the SSH connections _just_ by opening the control panel. I suppose they shouldn't really be looking around the server, though. – voithos Jun 02 '11 at 17:55
  • If you are going to manually maintain the file, you might want to delete the shortcut in the start menu for the control panel to discourage accidental changes. – Zoredache Jun 02 '11 at 18:02
  • Indeed, I was thinking of doing just that. – voithos Jun 02 '11 at 18:34
0

Sorry for the thread necromancy, but I was having a similar problem and discovered that there's a copsshcp.config file in the directory with the copsshcp executable that has all of the options used to rewrite the sshd_config file when the control panel is opened. You can add those options to that file in the [Server] section to make them persistent.

Neil
  • 1