Where is cpanel backup of sshd_config?

perplex

• April 22, 2021 15:21

Hello, I recently used WHM/cPanel to do a complete backup which includes both System and Account directories. Having done this I now have these two folders with a list of ".tar.gz" files; however, nowhere in the list can I see one for "/etc/ssh/sshd_config"! Can someone please tell me what ".tar.gz" cPanel has backed it up to? Thanks

• 

  cPRex Jurassic Moderator

  • April 22, 2021 20:33

  Hey there! cPanel doesn't include the SSH configuration file in the system backups. Here is what I see when I check the system backups on my personal server: Directories: -rw-------. 2 root root 11K Apr 18 02:00 _etc_cpanel.tar.gz -rw-------. 2 root root 12K Apr 18 02:00 _etc_mail.tar.gz -rw-------. 2 root root 3.9K Apr 18 02:01 _etc_pki_tls_certs.tar.gz -rw-------. 2 root root 2.2K Apr 18 02:00 _etc_proftpd.tar.gz -rw-------. 2 root root 3.2K Apr 18 02:01 _etc_ssl.tar.gz -rw-------. 2 root root 805 Apr 18 02:00 _etc_valiases.tar.gz -rw-------. 2 root root 361 Apr 18 02:00 _etc_vdomainaliases.tar.gz -rw-------. 2 root root 741 Apr 18 02:00 _etc_vfilters.tar.gz -rw-------. 2 root root 9.1M Apr 18 02:00 _usr_local_cpanel_3rdparty_mailman.tar.gz -rw-------. 2 root root 24M Apr 18 02:01 _var_cpanel.tar.gz -rw-------. 2 root root 42M Apr 18 02:01 _var_lib_rpm.tar.gz -rw-------. 2 root root 19K Apr 18 02:01 _var_named.tar.gz -rw-------. 2 root root 779 Apr 18 02:01 _var_spool_cron.tar.gz
  Files: -rw-------. 2 root root 7.7K Apr 15 02:53 _etc_apache2_conf_httpd.conf.gz -rw-r--r--. 2 root root 3.5K Apr 1 12:56 _etc_cpanel_exim_system_filter.gz -rw-r-----. 2 root root 557 Apr 13 15:00 _etc_dovecot_sni.conf.gz -rw-r--r--. 2 root root 17K Apr 1 12:56 _etc_exim.conf.gz -rw-r--r--. 2 root root 865 Mar 23 02:54 _etc_exim.conf.localopts.gz -rw-r--r--. 2 root root 289 Mar 8 02:24 _etc_fstab.gz -rw-r--r--. 2 root root 542 Apr 13 12:59 _etc_group.gz -rw-r--r--. 2 root root 29 Mar 8 02:00 _etc_ips.gz -rw-r-----. 2 root root 119 Apr 13 12:59 _etc_localdomains.gz -rw-r-----. 2 root root 33 Apr 17 03:02 _etc_mailips.gz -rw-r-----. 2 root root 35 Mar 17 15:48 _etc_manualmx.gz -rw-r--r--. 2 root root 628 Mar 8 04:25 _etc_my.cnf.gz -rw-r--r--. 2 root root 1.5K Apr 13 12:59 _etc_named.conf.gz -rw-r--r--. 2 root root 914 Apr 13 12:59 _etc_passwd.gz -rw-------. 2 root root 4.3K Mar 28 23:35 _etc_pure-ftpd.conf.gz -rw-r--r--. 2 root root 54 Mar 16 19:55 _etc_remotedomains.gz -rw-r-----. 2 root root 37 Mar 8 01:55 _etc_secondarymx.gz -rw-r-----. 2 root root 49 Mar 8 01:55 _etc_senderverifybypasshosts.gz -rw-------. 2 root root 899 Apr 13 12:59 _etc_shadow.gz -rw-r-----. 2 root root 41 Mar 8 01:55 _etc_spammeripblocks.gz -rw-r--r--. 2 root root 34 Dec 12 22:58 _etc_spammers.gz -rw-r--r--. 2 root root 272 Mar 17 15:16 _etc_wwwacct.conf.gz -rw-------. 2 root root 81 Mar 8 01:59 _root_.my.cnf.gz -rw-------. 2 root root 1.2K Mar 8 01:56 _var_cpanel_greylist_greylist.sqlite.gz -rw-------. 2 root root 193 Mar 8 01:59 _var_cpanel_mysql_remote_profiles_profiles.json.gz
  If it's not in that list, it's not something that cPanel is backing up.

  0
• 

  perplex

  • April 22, 2021 21:35

  Hi, Thank you for your speedy reply. That's exactly what I thought, and what I have too. This is a shame as I would not class this as a Full/Complete system backup by cPanel! I am now unable to see what my previous settings in sshd_config were to return my server back to what I had set prior to a breach. This makes me wonder just what other essentially important files cPanel do not include in their backups, any ideas?

  0
• 

  cPRex Jurassic Moderator

  • April 23, 2021 13:36

  cPanel only backs up files that are necessary for the cPanel services and account restores. It's definitely not a full image-type system backup that could be used to restore the operating system.

  0

Please sign in to leave a comment.