[openssh-commits] [openssh] 02/04: upstream: Add support for "Match sessiontype" to ssh_config. Allows

git+noreply at mindrot.org git+noreply at mindrot.org
Sat Feb 15 13:16:44 AEDT 2025 

This is an automated email from the git hooks/post-receive script.

djm pushed a commit to branch master
in repository openssh.

commit 192a20df00c8a56fe7d92ffa23d959c865d7fb9e
Author: djm at openbsd.org <djm at openbsd.org>
AuthorDate: Sat Feb 15 01:50:47 2025 +0000

    upstream: Add support for "Match sessiontype" to ssh_config. Allows
    
    matching on the type of session requested, either "shell" for interactive
    sessions, "exec" for command execution sessions, "subsystem" for subsystem
    requests, such as sftp, or "none" for transport/forwarding-only sessions.
    
    ok markus@
    
    OpenBSD-Commit-ID: eff5c001aecb2283d36639cfb28c0935a8bfd468
---
 readconf.c   | 15 ++++++++++++++-
 ssh_config.5 | 20 +++++++++++++++++++-
 2 files changed, 33 insertions(+), 2 deletions(-)

diff --git a/readconf.c b/readconf.c
index 72392d01..10adaaaa 100644
--- a/readconf.c
+++ b/readconf.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: readconf.c,v 1.395 2025/02/15 01:48:30 djm Exp $ */
+/* $OpenBSD: readconf.c,v 1.396 2025/02/15 01:50:47 djm Exp $ */
 /*
  * Author: Tatu Ylonen <ylo at cs.hut.fi>
  * Copyright (c) 1995 Tatu Ylonen <ylo at cs.hut.fi>, Espoo, Finland
@@ -856,6 +856,19 @@ match_cfg_line(Options *options, const char *full_line, int *acp, char ***avp,
 			    match_pattern_list(criteria, arg, 0) == 1;
 			if (r == (negate ? 1 : 0))
 				this_result = result = 0;
+		} else if (strcasecmp(attrib, "sessiontype") == 0) {
+			if (options->session_type == SESSION_TYPE_SUBSYSTEM)
+				criteria = xstrdup("subsystem");
+			else if (options->session_type == SESSION_TYPE_NONE)
+				criteria = xstrdup("none");
+			else if (remote_command != NULL &&
+			    *remote_command != '\0')
+				criteria = xstrdup("exec");
+			else
+				criteria = xstrdup("shell");
+			r = match_pattern_list(criteria, arg, 0) == 1;
+			if (r == (negate ? 1 : 0))
+				this_result = result = 0;
 		} else if (strcasecmp(attrib, "exec") == 0) {
 			if ((cmd = expand_match_exec_or_include_path(arg,
 			    options, pw, host_arg, original_host,
diff --git a/ssh_config.5 b/ssh_config.5
index 857cabbe..6fff9c74 100644
--- a/ssh_config.5
+++ b/ssh_config.5
@@ -33,7 +33,7 @@
 .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
 .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 .\"
-.\" $OpenBSD: ssh_config.5,v 1.408 2025/02/15 01:48:30 djm Exp $
+.\" $OpenBSD: ssh_config.5,v 1.409 2025/02/15 01:50:47 djm Exp $
 .Dd $Mdocdate: February 15 2025 $
 .Dt SSH_CONFIG 5
 .Os
@@ -255,6 +255,24 @@ keyword matches against the name of the local user running
 (this keyword may be useful in system-wide
 .Nm
 files).
+.Pp
+Finally, the
+.Cm sessiontype
+keyword matches the requested session type, which may be one of
+.Cm shell
+for interactive sessions,
+.Cm exec
+for command execution sessions,
+.Cm subsystem
+for subsystem invocations such as
+.Xr sftp 1 ,
+or
+.Cm none
+for transport-only sessions, such as when
+.Xr ssh 1
+is started with the
+.Fl N
+flag.
 .It Cm AddKeysToAgent
 Specifies whether keys should be automatically added to a running
 .Xr ssh-agent 1 .

-- 
To stop receiving notification emails like this one, please contact
djm at mindrot.org.

More information about the openssh-commits mailing list