[Bug 3796] New: %tokens and environment variables are not expanded within `Include` statements

Fri Feb 28 18:26:29 AEDT 2025

https://bugzilla.mindrot.org/show_bug.cgi?id=3796

            Bug ID: 3796
           Summary: %tokens and environment variables are not expanded
                    within `Include` statements
           Product: Portable OpenSSH
           Version: 9.9p2
          Hardware: Other
                OS: Windows 11
            Status: NEW
          Severity: enhancement
          Priority: P5
         Component: ssh
          Assignee: unassigned-bugs at mindrot.org
          Reporter: skyler.soss at gmail.com

OpenSSH supports the use of include statements such as:

```
# /etc/ssh/ssh_config
Include ssh_config.d/%u/config
```

This allows administrators to set per-user settings. This feature is
not supported by this implementation.

If this is an intentional deviation from the standard, it should be
documented as currently the wiki links to the [OpenBSD manpage for
`ssh_config(5)`](https://man.openbsd.org/ssh_config) that specifies the
expansion behavior.
>From that page:

> Include
> Include the specified configuration file(s). Multiple pathnames may be specified and each pathname may contain glob(7) wildcards, tokens as described in the TOKENS section, environment variables as described in the ENVIRONMENT VARIABLES section and, for user configurations, shell-like ‘~’ references to user home directories.

### Technical implementation details

[This function
call](https://github.com/openssh/openssh-portable/blob/dfd9880585db1570656022f9fe1519df673f7b8a/readconf.c#L2076)
in the `oInclude` case should be called. That function call is not
present in this project's `readconf.c`.

-- 
You are receiving this mail because:
You are watching the assignee of the bug.