From 03f851aca316b549d1643c27471fbff1e6606ea1 Mon Sep 17 00:00:00 2001
From: Krzesimir Nowak <knowak@microsoft.com>
Date: Mon, 19 Jun 2023 16:59:25 +0200
Subject: [PATCH] Move ssh configs to coreos-base/misc-files package in our
 overlay

The ssh and sshd configuration in Gentoo has been changed from a
single file thing to a single file config including configuration
snippets in /etc/ssh{,d}_config.d/ directory. We will ride on this
change and turn our ssh configs into such snippets. But these will be
installed by a different package directly into /etc/ssh
directory. This makes the tmpfiles config file creating symlinks for
ssh configs unnecessary, so drop it too.
---
 Makefile                    |  2 --
 configs/ssh_config          |  1 -
 configs/sshd_config         | 17 -----------------
 configs/tmpfiles.d/ssh.conf |  3 ---
 4 files changed, 23 deletions(-)
 delete mode 100644 configs/ssh_config
 delete mode 100644 configs/sshd_config
 delete mode 100644 configs/tmpfiles.d/ssh.conf

diff --git a/Makefile b/Makefile
index 0c43ce6..1b1495b 100644
--- a/Makefile
+++ b/Makefile
@@ -31,8 +31,6 @@ install:
 	install -m 755 udev/bin/* $(DESTDIR)/lib/udev
 	install -m 644 configs/editor.sh $(DESTDIR)/etc/env.d/99editor
 	install -m 644 configs/modules-load.d/* $(DESTDIR)/usr/lib/modules-load.d/
-	install -m 600 configs/sshd_config $(DESTDIR)/usr/share/ssh/
-	install -m 644 configs/ssh_config $(DESTDIR)/usr/share/ssh/
 	install -m 644 configs/tmpfiles.d/* $(DESTDIR)/usr/lib/tmpfiles.d/
 	cp -a systemd/* $(DESTDIR)/usr/lib/systemd/
 	chmod 755 $(DESTDIR)/usr/lib/systemd/system-generators/*
diff --git a/configs/ssh_config b/configs/ssh_config
deleted file mode 100644
index 1a88c16..0000000
--- a/configs/ssh_config
+++ /dev/null
@@ -1 +0,0 @@
-# Use defaults for ssh client system-wide configuration.
diff --git a/configs/sshd_config b/configs/sshd_config
deleted file mode 100644
index d6a8f1b..0000000
--- a/configs/sshd_config
+++ /dev/null
@@ -1,17 +0,0 @@
-# Use most defaults for sshd configuration.
-Subsystem sftp internal-sftp
-ClientAliveInterval 180
-UseDNS no
-UsePAM yes
-# handled by PAM
-PrintLastLog no
-# handled by PAM
-PrintMotd no
-Ciphers chacha20-poly1305@openssh.com,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com
-MACs hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-sha2-256,hmac-sha2-512,umac-128-etm@openssh.com,umac-128@openssh.com
-KexAlgorithms curve25519-sha256,curve25519-sha256@libssh.org,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,diffie-hellman-group14-sha256
-
-# Temporarily accept ssh-rsa algorithm for openssh >= 8.8,
-# until most ssh clients could deprecate ssh-rsa.
-HostkeyAlgorithms +ssh-rsa
-PubkeyAcceptedAlgorithms +ssh-rsa
diff --git a/configs/tmpfiles.d/ssh.conf b/configs/tmpfiles.d/ssh.conf
deleted file mode 100644
index 4930d7f..0000000
--- a/configs/tmpfiles.d/ssh.conf
+++ /dev/null
@@ -1,3 +0,0 @@
-d    /etc/ssh             -    -    -    -   -
-L    /etc/ssh/ssh_config  -    -    -    -   /usr/share/ssh/ssh_config
-L    /etc/ssh/sshd_config -    -    -    -   /usr/share/ssh/sshd_config