[Bug 2050] Support XDG basedir specification

bugzilla-daemon at mindrot.org bugzilla-daemon at mindrot.org
Mon Dec 14 13:37:42 AEDT 2020


https://bugzilla.mindrot.org/show_bug.cgi?id=2050

Damien Miller <djm at mindrot.org> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|REOPENED                    |RESOLVED
         Resolution|---                         |WONTFIX

--- Comment #13 from Damien Miller <djm at mindrot.org> ---
Spam-reopening this bug and making personal insults isn't going to help
your case.

We have already stated our rationale and no convincing evidence or
argument has been brought to this bug that changes out minds. To
restate our reasons:

 * OpenSSH's use of ~/.ssh predates the XDG specification by some years
 * OpenSSH is not desktop software to begin with anyway.
 * Many third-party tools, scripts and habits depend on this location.
 * OpenSSH is security software and scattering important configuration
across multiple-directories can yield unpleasant surprises

But hey, if you want to avoid ~/.ssh then you mostly can via
configuration. 

You can have ssh look for its config in a different place by putting a
line in /etc/ssh/ssh_config and override the locations for other
commonly-used files too:

Include ~/.config/local/ssh/config
UserKnownHostsFile ~/.config/local/ssh/known_hosts
IdentityFile ~/.config/local/ssh/id_ed25519

etc.

sshd can be taken care of using something in /etc/sshd_config like:

AuthorizedKeysFile ~/.config/local/ssh/authorized_keys

(I make no promise that this is all the configuration that you need
touch)

Alternately, if you're willing to recompile then it's a single line
change to make OpenSSH look in a different location for user configs:

pathnames.h:#define _PATH_SSH_USER_DIR          ".ssh"

A benefit of OpenSSH being open-source is that you're not constrained
by our decision - you're more than welcome to change this on your
systems if you prefer.

-- 
You are receiving this mail because:
You are watching the assignee of the bug.
You are watching someone on the CC list of the bug.


More information about the openssh-bugs mailing list