%h,%p,%u expansion for ControlPath

Damien Miller djm at mindrot.org
Thu Jun 16 13:29:31 EST 2005


David Woodhouse wrote:
> On Mon, 2005-06-13 at 19:01 +1000, Damien Miller wrote:
> OK, I've checked out the OpenBSD version and I see it now. In that
> version it looks like '%p' is going to expand to '0' when the default
> port is used, instead of to '22' as it should.

Yes, I noticed that too - I'll fix it shortly.

> Do you want me to try to redo the 'persist' patch against that code? I
> can't (easily) test it until it's in the portable version.

Portable OpenSSH has been updated with the latest OpenBSD changes and
they should all be in tonight's snapshot (20050616).

I'm not sure about the persist option; it would be useful, but probably
confusing (especially amongst all the other ControlMaster options).
Maybe users should just do "ssh -nNf host" instead...

> Btw, I got another of your misguided TMDA challenges today, because I
> use a new reverse-path each day. If you must persist with this, please
> could you whitelist *.srs.infradead.org? Since all messages from those
> domains are timestamped and hash-signed¹, SMTP callouts are perfectly
> sufficient to confirm the authenticity of a mail -- you don't have to
> actually send the challenge and wait for a reply. TMDA is just making
> the spam problem worse by sending _more_ junk mail to innocent third
> parties.

TMDA in this context is no worse than "approve" messages sent from a
listbot, but they are far easier for everyone involved. If you want to
avoid them altogether then you could just subscribe to the list
(challenges aren't sent to members).

Since this is somewhat offtopic, if you want to discuss the list
configuration further, please contact me directly.

-d



