[Bug 3110] New: Add a new ControlPath option: %a

[bugzilla-daemon at bugzilla.mindrot.org]

https://bugzilla.mindrot.org/show_bug.cgi?id=3110

            Bug ID: 3110
           Summary: Add a new ControlPath option: %a
           Product: Portable OpenSSH
           Version: 8.1p1
          Hardware: amd64
                OS: Mac OS X
            Status: NEW
          Severity: enhancement
          Priority: P5
         Component: ssh
          Assignee: unassigned-bugs at mindrot.org
          Reporter: me at cweagans.net

A couple of web hosting providers that I work with have really long
usernames and hostnames like this:

codeserver.dev.1f1576dd-fa95-400c-a179-7ae962373aab at codeserver.dev.1f1576dd-fa95-400c-a179-7ae962373aab.foo.bar:2222


If I have `ControlPath ~/.ssh/control/%r@%h:%p` in my ~/.ssh/config, I
get an error about the ControlPath being too long when I try to SSH
into one of those hosts. There's not a lot I can do about that as a
user and it's pretty frustrating to just have to disable connection
multiplexing.

I started thinking about this and I was wondering what it would take to
add a new token for the ControlPath option like %a. If you used this
token, you'd get a sha256 hash of the values of "%r@%h:%p". This would
shorten up a ControlPath quite a bit at the cost of knowing which
socket is which.

Personally, I wouldn't care too much about that tradeoff, but I may
also not understand the security implications. I'd also be very open to
other alternatives here if there's another way.

-- 
You are receiving this mail because:
You are watching the assignee of the bug.