[Bug 3543] Add a provision to force query of login ID

bugzilla-daemon at mindrot.org bugzilla-daemon at mindrot.org
Mon Feb 20 15:45:20 AEDT 2023


https://bugzilla.mindrot.org/show_bug.cgi?id=3543

Darren Tucker <dtucker at dtucker.net> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |dtucker at dtucker.net

--- Comment #2 from Darren Tucker <dtucker at dtucker.net> ---
(In reply to Carl Ponder from comment #0)
> That way ssh & scp operations embedded into scripts wouldn't have to
> be adjusted every time the ID changes.

You could achieve the same effect as what you're asking for with a
couple of extra lines in those scripts:

  printf "Username: "
  read user
  scp $user at whatever ...

so the script is prompting instead of ssh, but from the user's POV it'd
look the same.

> Also I tried (the longshot)
> of overwriting the $USER variable, but it had no effect.

ssh looks up the username from the id's password entry since in the
past it could be installed setuid so we couldn't trust the environment.
 setuid installations are no longer supported, however and looking up
USER would be trivial, in ssh.c:

        if (options.user == NULL)
-               options.user = xstrdup(pw->pw_name);
+               options.user = getenv("USER") ? getenv("USER") :
+                  xstrdup(pw->pw_name);

however it would be a user-visible behaviour change.  I don't know how
many installations would have $USER but have it set to something
different, though.

-- 
You are receiving this mail because:
You are watching someone on the CC list of the bug.
You are watching the assignee of the bug.


More information about the openssh-bugs mailing list