feature request: use HOME before getpwnam() in misc.c
pattonme at yahoo.com
pattonme at yahoo.com
Fri May 19 23:06:30 AEST 2017
I have several dozen ssh config files each with 20 host definitions, some with different keys based on how I'm accessing even the same host. But the config files are logically grouped in various HOMES if you will. Think of a consultant who has several clients and for sandbox and name collision reasons needs to keep them out of each other's way. Or if you rather, an operations engineer supporting multiple environments and multiple application stacks which may have external entities manage a collection of config and key files, and obviously the upstream doesn't care if there are conflicts.
Being able to key off of HOME is like a mini chroot.
Hard coding absolute paths into command lines or config files is just silly. The config file is now not sharable.
I'm simply asking that getenv() be added to the flow instead of only ever consulting getpwnam. Log a warning if HOME! =pwdir is fine is you think it merits.
Original Message
From: Reuti
Sent: Friday, May 19, 2017 07:50
To: pattonme at yahoo.com
Cc: Gert Doering; openssh-unix-dev at mindrot.org
Subject: Re: feature request: use HOME before getpwnam() in misc.c
Hi,
> Am 19.05.2017 um 13:34 schrieb pattonme at yahoo.com:
>
> I'm using bash. The shell does the correct thing.
> Sorry didn't give the use case clearly.
>
> I'm talking about the use of tilde inside client config. The example was to illustrate desired behavior. Ssh itself does not eval tilde with any consideration for environment. That is the problem.
I think it's by intention. It was just on the Bash mailing list, that even inside $PATH the ~ will be expanded (and it's not easy to get it inside, as it's expanded already at the time of assignment usually), and whether this behavior should be or not.
http://lists.gnu.org/archive/html/bug-bash/2017-05/msg00069.html
What other applications do to allow it (like the queuing system GridEngine), is to have a pseudo variable $HOME in the configuration. It's not the one from the shell per se, but they look it up in case they encounter it in the configuration.
But I'm not sure whether, it would be good to have it in `ssh`. Why not setting up two target machines in the config file?
-- Reuti
> Original Message
> From: Gert Doering
> Sent: Friday, May 19, 2017 02:19
> To: matthew patton
> Cc: openssh-unix-dev at mindrot.org
> Subject: Re: feature request: use HOME before getpwnam() in misc.c
>
> Hi,
>
> On Thu, May 18, 2017 at 09:51:04PM +0000, matthew patton wrote:
>> What is the use case?
>>
>> HOME=longpath_to_config1
>> ssh -i ~/.ssh/key1
>>
>> HOME=longpath_to_config2
>> ssh -i ~/.ssh/key2
>
> If you run things like that, the "~" is not expanded by ssh but by your shell.
>
> Try "echo ~/"...
>
> Barking up the wrong tree...
>
> gert
> --
> USENET is *not* the non-clickable part of WWW!
> //www.muc.de/~gert/
> Gert Doering - Munich, Germany gert at greenie.muc.de
> fax: +49-89-35655025 gert at net.informatik.tu-muenchen.de
> _______________________________________________
> openssh-unix-dev mailing list
> openssh-unix-dev at mindrot.org
> https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev
>
More information about the openssh-unix-dev
mailing list