Where is cpanel backup of sshd_config?

[perplex]

Hello,

I recently used WHM/cPanel to do a complete backup which includes both System and Account directories. Having done this I now have these two folders with a list of ".tar.gz" files; however, nowhere in the list can I see one for "/etc/ssh/sshd_config"! Can someone please tell me what ".tar.gz" cPanel has backed it up to?

Thanks

 

[cPRex]

Hey there! cPanel doesn't include the SSH configuration file in the system backups. Here is what I see when I check the system backups on my personal server:

Directories:

-rw-------. 2 root root  11K Apr 18 02:00 _etc_cpanel.tar.gz
-rw-------. 2 root root  12K Apr 18 02:00 _etc_mail.tar.gz
-rw-------. 2 root root 3.9K Apr 18 02:01 _etc_pki_tls_certs.tar.gz
-rw-------. 2 root root 2.2K Apr 18 02:00 _etc_proftpd.tar.gz
-rw-------. 2 root root 3.2K Apr 18 02:01 _etc_ssl.tar.gz
-rw-------. 2 root root  805 Apr 18 02:00 _etc_valiases.tar.gz
-rw-------. 2 root root  361 Apr 18 02:00 _etc_vdomainaliases.tar.gz
-rw-------. 2 root root  741 Apr 18 02:00 _etc_vfilters.tar.gz
-rw-------. 2 root root 9.1M Apr 18 02:00 _usr_local_cpanel_3rdparty_mailman.tar.gz
-rw-------. 2 root root  24M Apr 18 02:01 _var_cpanel.tar.gz
-rw-------. 2 root root  42M Apr 18 02:01 _var_lib_rpm.tar.gz
-rw-------. 2 root root  19K Apr 18 02:01 _var_named.tar.gz
-rw-------. 2 root root  779 Apr 18 02:01 _var_spool_cron.tar.gz

Files:

-rw-------. 2 root root 7.7K Apr 15 02:53 _etc_apache2_conf_httpd.conf.gz
-rw-r--r--. 2 root root 3.5K Apr  1 12:56 _etc_cpanel_exim_system_filter.gz
-rw-r-----. 2 root root  557 Apr 13 15:00 _etc_dovecot_sni.conf.gz
-rw-r--r--. 2 root root  17K Apr  1 12:56 _etc_exim.conf.gz
-rw-r--r--. 2 root root  865 Mar 23 02:54 _etc_exim.conf.localopts.gz
-rw-r--r--. 2 root root  289 Mar  8 02:24 _etc_fstab.gz
-rw-r--r--. 2 root root  542 Apr 13 12:59 _etc_group.gz
-rw-r--r--. 2 root root   29 Mar  8 02:00 _etc_ips.gz
-rw-r-----. 2 root root  119 Apr 13 12:59 _etc_localdomains.gz
-rw-r-----. 2 root root   33 Apr 17 03:02 _etc_mailips.gz
-rw-r-----. 2 root root   35 Mar 17 15:48 _etc_manualmx.gz
-rw-r--r--. 2 root root  628 Mar  8 04:25 _etc_my.cnf.gz
-rw-r--r--. 2 root root 1.5K Apr 13 12:59 _etc_named.conf.gz
-rw-r--r--. 2 root root  914 Apr 13 12:59 _etc_passwd.gz
-rw-------. 2 root root 4.3K Mar 28 23:35 _etc_pure-ftpd.conf.gz
-rw-r--r--. 2 root root   54 Mar 16 19:55 _etc_remotedomains.gz
-rw-r-----. 2 root root   37 Mar  8 01:55 _etc_secondarymx.gz
-rw-r-----. 2 root root   49 Mar  8 01:55 _etc_senderverifybypasshosts.gz
-rw-------. 2 root root  899 Apr 13 12:59 _etc_shadow.gz
-rw-r-----. 2 root root   41 Mar  8 01:55 _etc_spammeripblocks.gz
-rw-r--r--. 2 root root   34 Dec 12 22:58 _etc_spammers.gz
-rw-r--r--. 2 root root  272 Mar 17 15:16 _etc_wwwacct.conf.gz
-rw-------. 2 root root   81 Mar  8 01:59 _root_.my.cnf.gz
-rw-------. 2 root root 1.2K Mar  8 01:56 _var_cpanel_greylist_greylist.sqlite.gz
-rw-------. 2 root root  193 Mar  8 01:59 _var_cpanel_mysql_remote_profiles_profiles.json.gz

If it's not in that list, it's not something that cPanel is backing up.

 

[perplex]

Hi, Thank you for your speedy reply. That's exactly what I thought, and what I have too. This is a shame as I would not class this as a Full/Complete system backup by cPanel! I am now unable to see what my previous settings in sshd_config were to return my server back to what I had set prior to a breach. This makes me wonder just what other essentially important files cPanel do not include in their backups, any ideas?

 

[cPRex]

cPanel only backs up files that are necessary for the cPanel services and account restores. It's definitely not a full image-type system backup that could be used to restore the operating system.