Fix detection of SFTP configuration

Kristan Kenney · Kristan Kenney · commit 175c1dc10e31 · 2019-06-13T23:25:06.000-03:00
Improved logic for detecting variations in sshd_config. Thanks to @Lupul for this fix.
diff --git a/install/hst-install-debian.sh b/install/hst-install-debian.sh
@@ -892,10 +892,10 @@ rm -f /usr/sbin/policy-rc.d
 sed -i "s/rdAuthentication no/rdAuthentication yes/g" /etc/ssh/sshd_config
 
 # Enable SFTP subsystem for SSH
-sftp_subsys_enabled=$(grep "#Subsystem sftp-server" /etc/ssh/sshd_config)
+sftp_subsys_enabled=$(grep -iE "^#?.*subsystem.+(sftp )?sftp-server" /etc/ssh/sshd_config)
 if [ ! -z "$sftp_subsys_enabled" ]; then
     echo "(*) Updating SFTP subsystem configuration..."
-    sed -i "s/#Subsystem sftp-server/Subsystem sftp internal-sftp/gI" /etc/ssh/sshd_config
+    sed -i -E "s/^#?.*Subsystem.+(sftp )?sftp-server/Subsystem sftp internal-sftp/g" /etc/ssh/sshd_config
 fi
 
 # Disable SSH suffix broadcast
diff --git a/install/hst-install-ubuntu.sh b/install/hst-install-ubuntu.sh
@@ -866,10 +866,10 @@ rm -f /usr/sbin/policy-rc.d
 sed -i "s/rdAuthentication no/rdAuthentication yes/g" /etc/ssh/sshd_config
 
 # Enable SFTP subsystem for SSH
-sftp_subsys_enabled=$(grep "#Subsystem sftp-server" /etc/ssh/sshd_config)
+sftp_subsys_enabled=$(grep -iE "^#?.*subsystem.+(sftp )?sftp-server" /etc/ssh/sshd_config)
 if [ ! -z "$sftp_subsys_enabled" ]; then
     echo "(*) Updating SFTP subsystem configuration..."
-    sed -i "s/#Subsystem sftp-server/Subsystem sftp internal-sftp/gI" /etc/ssh/sshd_config
+    sed -i -E "s/^#?.*Subsystem.+(sftp )?sftp-server/Subsystem sftp internal-sftp/g" /etc/ssh/sshd_config
 fi
 
 # Disable SSH suffix broadcast
diff --git a/install/upgrade/0.10.0-190430.sh b/install/upgrade/0.10.0-190430.sh
@@ -345,10 +345,10 @@ fi
 $HESTIA/bin/v-add-sys-sftp-jail
 
 # Enable SFTP subsystem for SSH
-sftp_subsys_enabled=$(cat /etc/ssh/sshd_config | grep "#Subsystem sftp-server")
+sftp_subsys_enabled=$(grep -iE "^#?.*subsystem.+(sftp )?sftp-server" /etc/ssh/sshd_config)
 if [ ! -z "$sftp_subsys_enabled" ]; then
     echo "(*) Updating SFTP subsystem configuration..."
-    sed -i "s/#Subsystem sftp-server/Subsystem sftp internal-sftp/gI" /etc/ssh/sshd_config
+    sed -i -E "s/^#?.*Subsystem.+(sftp )?sftp-server/Subsystem sftp internal-sftp/g" /etc/ssh/sshd_config
     service ssh restart
 fi
 
