%h,%p,%u expansion for ControlPath
Damien Miller
djm at mindrot.org
Thu Jun 16 13:29:31 EST 2005
David Woodhouse wrote:
> On Mon, 2005-06-13 at 19:01 +1000, Damien Miller wrote:
> OK, I've checked out the OpenBSD version and I see it now. In that
> version it looks like '%p' is going to expand to '0' when the default
> port is used, instead of to '22' as it should.
Yes, I noticed that too - i'll fix it shortly.
> Do you want me to try to redo the 'persist' patch against that code? I
> can't (easily) test it until it's in the portable version.
Portable OpenSSH has been updated with the latest OpenBSD changes and
they should all be in tonight's snapshot (20050616).
I'm not sure about the persist option; it would be useful, but probably
confusing (especially amongst all the other ControlMaster options).
Maybe users should just do "ssh -nNf host" instead...
> Btw, I got another of your misguided TMDA challenges today, because I
> use a new reverse-path each day. If you must persist with this, please
> could you whitelist *.srs.infradead.org? Since all messages from those
> domains are timestamped and hash-signed¹, SMTP callouts are perfectly
> sufficient to confirm the authenticity of a mail -- you don't have to
> actually send the challenge and wait for a reply. TMDA is just making
> the spam problem worse by sending _more_ junk mail to innocent third
> parties.
TMDA in this context is no worse than "approve" messages sent from a
listbot, but they are far easier for everyone involved. If you want to
avoid them altogther then you could just subscribe to the list
(challenges aren't sent to members).
Since this is somewhat offtopic, if you want to discuss the list
configuration further, please contact me directly.
-d
More information about the openssh-unix-dev
mailing list