It seems that modifications to my /etc/ssh/sshd_config file are not picked up by the SSH daemon. For test purposes, I included a DenyUsers *, did service ssh restart, and even rebooted the whole system. But I can still ssh from remote.

How can I check that the /etc/ssh/sshd_config file gets read by sshd?

zwets

1 Answer

If I am not sure whether a program reads a specific config file (or in which order), I try to trace the open syscalls with strace. To do this, stop the ssh daemon. Then start it manually in the terminal by:

strace -e open -ostrace.out /usr/sbin/sshd

After it has started you should have a file in your current working directory called strace.out. In my case it looked like this (output stripped down):

open("/etc/ld.so.cache", O_RDONLY|O_CLOEXEC) = 3
...
many libraries
...
open("/proc/filesystems", O_RDONLY)     = 3
open("/dev/null", O_RDWR)               = 3
open("/usr/lib/ssl/openssl.cnf", O_RDONLY) = 3
open("/etc/ssh/sshd_config", O_RDONLY)  = 3 <--- here sshd_config was opened
open("/dev/urandom", O_RDONLY|O_NOCTTY|O_NONBLOCK) = 3
open("/etc/gai.conf", O_RDONLY|O_CLOEXEC) = 3
open("/etc/nsswitch.conf", O_RDONLY|O_CLOEXEC) = 3
open("/etc/ld.so.cache", O_RDONLY|O_CLOEXEC) = 3
...
open("/etc/passwd", O_RDONLY|O_CLOEXEC) = 3
...
ssh keys
...
open("/etc/ssh/blacklist.ECDSA-256", O_RDONLY) = -1 ENOENT (No such file or directory)

With this test I can make sure sshd reads my /etc/ssh/sshd_config. In the last entry you can see that this file is not found on my system (-1).

chaos

That helped a lot. It pointed me to the embarrassing error that I modified /etc/ssh/ssh_config instead of /etc/ssh/sshd_config. Thanks. – user210161 Nov 01 '13 at 09:00
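A small checker for the strace log the answer describes, added here as an example that is not part of the answer above: it works on a constructed sample of strace lines and reports, for a given path, whether the daemon opened it successfully, tried and failed (ENOENT), or never opened it at all.

```shell
#!/bin/sh
# Added example, not from the answer above.
# Note: current glibc issues openat(2) rather than open(2), and sshd forks,
# so a fuller capture is:  strace -f -e trace=open,openat -o strace.out /usr/sbin/sshd
# (Independently, `sshd -T` prints the effective configuration sshd loaded.)

# Constructed sample of strace output, standing in for strace.out.
SAMPLE='open("/usr/lib/ssl/openssl.cnf", O_RDONLY) = 3
open("/etc/ssh/sshd_config", O_RDONLY)  = 3
openat(AT_FDCWD, "/etc/ssh/sshd_config.d/50-cloud.conf", O_RDONLY) = 4
open("/etc/ssh/blacklist.ECDSA-256", O_RDONLY) = -1 ENOENT (No such file or directory)'

# config_open_status LOG PATH
# Prints "opened" if the last open/openat of PATH succeeded, "missing" if it
# failed (return value -1), or "never" if PATH does not appear in the log.
config_open_status() {
    log="$1"; path="$2"
    # Match the quoted path exactly so /etc/ssh/sshd_config does not also
    # match /etc/ssh/sshd_config.d/... entries; tolerate a leading pid (-f).
    line=$(grep -F "\"$path\"" "$log" \
           | grep -E '(^|[[:space:]])(open|openat)\(' | tail -n 1)
    if [ -z "$line" ]; then
        echo never
    elif printf '%s\n' "$line" | grep -q '= -1 '; then
        echo missing
    else
        echo opened
    fi
}

# Write the constructed sample to a file and query it as one would strace.out.
sample=$(mktemp)
printf '%s\n' "$SAMPLE" > "$sample"
for p in /etc/ssh/sshd_config /etc/ssh/blacklist.ECDSA-256 /etc/ssh/ssh_config; do
    printf '%s: %s\n' "$p" "$(config_open_status "$sample" "$p")"
done
# prints: /etc/ssh/sshd_config: opened
#         /etc/ssh/blacklist.ECDSA-256: missing
#         /etc/ssh/ssh_config: never
```

Run against a real strace.out, a "never" for /etc/ssh/sshd_config together with an "opened" for /etc/ssh/ssh_config is exactly the mix-up the comment above describes.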