Where is cpanel backup of sshd_config?

perplex

Member
May 3, 2016
8
1
3
UK
cPanel Access Level
Root Administrator
Hello,

I recently used WHM/cPanel to do a complete backup which includes both System and Account directories. Having done this I now have these two folders with a list of ".tar.gz" files; however, nowhere in the list can I see one for "/etc/ssh/sshd_config"! Can someone please tell me what ".tar.gz" cPanel has backed it up to?

Thanks
 

cPRex

Jurassic Moderator
Staff member
Oct 19, 2014
4,968
612
273
cPanel Access Level
Root Administrator
Hey there! cPanel doesn't include the SSH configuration file in the system backups. Here is what I see when I check the system backups on my personal server:

Directories:

Code:
-rw-------. 2 root root  11K Apr 18 02:00 _etc_cpanel.tar.gz
-rw-------. 2 root root  12K Apr 18 02:00 _etc_mail.tar.gz
-rw-------. 2 root root 3.9K Apr 18 02:01 _etc_pki_tls_certs.tar.gz
-rw-------. 2 root root 2.2K Apr 18 02:00 _etc_proftpd.tar.gz
-rw-------. 2 root root 3.2K Apr 18 02:01 _etc_ssl.tar.gz
-rw-------. 2 root root  805 Apr 18 02:00 _etc_valiases.tar.gz
-rw-------. 2 root root  361 Apr 18 02:00 _etc_vdomainaliases.tar.gz
-rw-------. 2 root root  741 Apr 18 02:00 _etc_vfilters.tar.gz
-rw-------. 2 root root 9.1M Apr 18 02:00 _usr_local_cpanel_3rdparty_mailman.tar.gz
-rw-------. 2 root root  24M Apr 18 02:01 _var_cpanel.tar.gz
-rw-------. 2 root root  42M Apr 18 02:01 _var_lib_rpm.tar.gz
-rw-------. 2 root root  19K Apr 18 02:01 _var_named.tar.gz
-rw-------. 2 root root  779 Apr 18 02:01 _var_spool_cron.tar.gz
Files:

Code:
-rw-------. 2 root root 7.7K Apr 15 02:53 _etc_apache2_conf_httpd.conf.gz
-rw-r--r--. 2 root root 3.5K Apr  1 12:56 _etc_cpanel_exim_system_filter.gz
-rw-r-----. 2 root root  557 Apr 13 15:00 _etc_dovecot_sni.conf.gz
-rw-r--r--. 2 root root  17K Apr  1 12:56 _etc_exim.conf.gz
-rw-r--r--. 2 root root  865 Mar 23 02:54 _etc_exim.conf.localopts.gz
-rw-r--r--. 2 root root  289 Mar  8 02:24 _etc_fstab.gz
-rw-r--r--. 2 root root  542 Apr 13 12:59 _etc_group.gz
-rw-r--r--. 2 root root   29 Mar  8 02:00 _etc_ips.gz
-rw-r-----. 2 root root  119 Apr 13 12:59 _etc_localdomains.gz
-rw-r-----. 2 root root   33 Apr 17 03:02 _etc_mailips.gz
-rw-r-----. 2 root root   35 Mar 17 15:48 _etc_manualmx.gz
-rw-r--r--. 2 root root  628 Mar  8 04:25 _etc_my.cnf.gz
-rw-r--r--. 2 root root 1.5K Apr 13 12:59 _etc_named.conf.gz
-rw-r--r--. 2 root root  914 Apr 13 12:59 _etc_passwd.gz
-rw-------. 2 root root 4.3K Mar 28 23:35 _etc_pure-ftpd.conf.gz
-rw-r--r--. 2 root root   54 Mar 16 19:55 _etc_remotedomains.gz
-rw-r-----. 2 root root   37 Mar  8 01:55 _etc_secondarymx.gz
-rw-r-----. 2 root root   49 Mar  8 01:55 _etc_senderverifybypasshosts.gz
-rw-------. 2 root root  899 Apr 13 12:59 _etc_shadow.gz
-rw-r-----. 2 root root   41 Mar  8 01:55 _etc_spammeripblocks.gz
-rw-r--r--. 2 root root   34 Dec 12 22:58 _etc_spammers.gz
-rw-r--r--. 2 root root  272 Mar 17 15:16 _etc_wwwacct.conf.gz
-rw-------. 2 root root   81 Mar  8 01:59 _root_.my.cnf.gz
-rw-------. 2 root root 1.2K Mar  8 01:56 _var_cpanel_greylist_greylist.sqlite.gz
-rw-------. 2 root root  193 Mar  8 01:59 _var_cpanel_mysql_remote_profiles_profiles.json.gz
If it's not in that list, it's not something that cPanel is backing up.
 

perplex

Member
May 3, 2016
8
1
3
UK
cPanel Access Level
Root Administrator
Hi, Thank you for your speedy reply. That's exactly what I thought, and what I have too. This is a shame as I would not class this as a Full/Complete system backup by cPanel! I am now unable to see what my previous settings in sshd_config were to return my server back to what I had set prior to a breach. This makes me wonder just what other essentially important files cPanel do not include in their backups, any ideas?