Unset a given SendEnv?
Philipp Marek
philipp at marek.priv.at
Wed Jul 4 20:31:18 AEST 2018
Hi Damien,
> HEAD has the ability to clear one using SendEnv=-FOO, but I'm toying
> with the idea of breaking backwards compatibility and making SendEnv
> behave like the rest of the options and be first match wins.
>
> What do you all think?
Oh no, please don't.
Allowing multiple SendEnv lines makes it much easier to automatically
(and manually!) check and fix the configuration - a simple
if ! grep ... ; then echo ... >> ... ; fi
is good enough to get some known-good lines into sshd_config.
Visually it's easier to see the common, expected patterns than
to look at a line of indeterminate length as well.
So yes, SendEnv=-FOO sounds good to me.
More information about the openssh-unix-dev
mailing list