[Bug 2906] Need something like 'Match finalpass'

bugzilla-daemon at bugzilla.mindrot.org bugzilla-daemon at bugzilla.mindrot.org
Tue Feb 19 21:23:37 AEDT 2019


https://bugzilla.mindrot.org/show_bug.cgi?id=2906

--- Comment #9 from Jakub Jelen <jjelen at redhat.com> ---
Well, that probably makes sense, but with configurations like following
(for simplicity rewritten from Host blocks):

  Match host ext
      Hostname bastion.ext.example.com

  Match host *.ext.example.com
      ProxyCommand ssh -q ext -W %h:%p

  Match final
      ...

Connecting to host x.ext.example.com causes a infinite recursion of
spanning ssh processes, while it works fine without the last match
block.

I am wondering, if the "match final" should not behave less like the
canonical so in the second path, the host would be matched really
against the host that was used on commandline (like originalhost) to
avoid breaking existing configurations.

-- 
You are receiving this mail because:
You are watching someone on the CC list of the bug.
You are watching the assignee of the bug.


More information about the openssh-bugs mailing list