From 3849e1201d4e076af4039a1400e05be2006630e5 Mon Sep 17 00:00:00 2001
From: "Kelvin M. Klann" <kmk3.code@protonmail.com>
Date: Sat, 9 Jan 2021 21:43:57 -0300
Subject: allow-ssh.inc: allow /etc/ssh/ssh_config

This is the system-wide equivalent of ~/.ssh/config.

    $ pacman -Q openssh
    openssh 8.4p1-2

Reasons for blacklisting both /etc/ssh and /etc/ssh/* on
disable-common.inc:

Leave /etc/ssh that way so that profiles without allow-ssh.inc remain
unable to see inside of /etc/ssh.  And blacklist /etc/ssh/* so that
profiles with allow-ssh.inc are able to access only nonblacklisted files
inside of /etc/ssh.
---
 etc/profile-m-z/ssh.profile | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'etc/profile-m-z/ssh.profile')

diff --git a/etc/profile-m-z/ssh.profile b/etc/profile-m-z/ssh.profile
index efdf63976..eb7bc3ec5 100644
--- a/etc/profile-m-z/ssh.profile
+++ b/etc/profile-m-z/ssh.profile
@@ -7,7 +7,7 @@ include ssh.local
 # Persistent global definitions
 include globals.local
 
-noblacklist /etc/ssh
+noblacklist /etc/ssh/*
 noblacklist /tmp/ssh-*
 # nc can be used as ProxyCommand, e.g. when using tor
 noblacklist ${PATH}/nc
-- 
cgit v1.2.3-70-g09d2