IdentityFile option escape sequences
Gawain Bolton
gawain.bolton at thalesgroup.com
Thu Apr 27 17:34:41 EST 2006
Hello,
I'm using openssh-4.3p2 compiled for sparc-sun-solaris2.8. I'm trying
to use the IdentityFile option with the escape sequences for the remote
host name (%h) and remote user name (%r) as documented in ssh-config
<http://www.openbsd.org/cgi-bin/man.cgi?query=ssh_config&sektion=5&arch=&apropos=0&manpath=OpenBSD+Current>.
It seems the escape sequences do not work. I have tried both using the
command like option and an ssh-config file and the results are the same
- it seems the escape sequences do not get expanded. The example below
shows that the option is _seen _by ssh, but the esacpe sequences are not
expanded.
sftp -v -oPasswordAuthentication=no
-oIdentityFile=/var/opt/oss/data/config/ssh/%h_%r_id_dsa temip at bt1sss5t
Connecting to bt1sss5t...
OpenSSH_4.3p2, OpenSSL 0.9.8a 11 Oct 2005
debug1: Reading configuration data /usr/local/etc/ssh_config
debug1: Connecting to bt1sss5t [142.4.151.6] port 22.
debug1: Connection established.
debug1: identity file %h_%r_id_dsa type -1
debug1: Remote protocol version 1.99, remote software version OpenSSH_4.3
debug1: match: OpenSSH_4.3 pat OpenSSH*
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_4.3
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: server->client aes128-cbc hmac-md5 none
debug1: kex: client->server aes128-cbc hmac-md5 none
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<1024<8192) sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY
debug1: Host 'bt1sss5t' is known and matches the RSA host key.
debug1: Found key in /usr/users/temip/.ssh/known_hosts:1
debug1: ssh_rsa_verify: signature correct
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: SSH2_MSG_SERVICE_REQUEST sent
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue:
publickey,password,keyboard-interactive
debug1: Next authentication method: publickey
*debug1: Trying private key: %h_%r_id_dsa*
debug1: Next authentication method: keyboard-interactive
debug1: Authentications that can continue:
publickey,password,keyboard-interactive
debug1: No more authentication methods to try.
Permission denied (publickey,password,keyboard-interactive).
Connection closed
The private key *%h_%r_id_dsa* not at all what I was expecting. Rather,
I was expecting:
/var/opt/oss/data/config/ssh/bt1sss5t_temip_id_dsa
I apologize in advance if this is a known problem or I am doing
something which is known to be a stupid thing neophytes do... In my
defense, my searching of the mailing list archives and the web turned up
nothing.
Cheers,
Gawain
-------------- next part --------------
A non-text attachment was scrubbed...
Name: gawain.bolton.vcf
Type: text/x-vcard
Size: 201 bytes
Desc: not available
Url : http://lists.mindrot.org/pipermail/openssh-unix-dev/attachments/20060427/9d456cec/attachment.vcf
More information about the openssh-unix-dev
mailing list