AcceptEnv LANG LC_* vs available locales

Demi Marie Obenour demiobenour at gmail.com
Wed Apr 27 11:12:07 AEST 2022


On 4/25/22 08:23, Ingo Schwarze wrote:
> Hi Harald,
> 
> Harald Dunkel wrote on Mon, Apr 25, 2022 at 10:05:43AM +0200:
> 
>> forwarding LANG and LC_* variables to the peer seems to be only
>> reasonable,
> 
> Absolutely not, what a terrible idea.
> 
> For an introduction to the topic, see
> 
>   https://undeadly.org/cgi?action=article&sid=20160308204011
> 
> The end of that article specifically discusses ssh(1).
> 
>> if the peer supports theses locales. Is there some
>> workaround for this pitfall? Do you think the server could quietly
>> ignore unknown locales?
> 
> Ignore it?  But if it does, then there is nothing it can safely do short
> of rejecting the connection.
> 
>> Every helpful hint is highly appreciated
> 
> As discussed in the above writeup, the only way to make ssh(1)
> connections safe it to manually make sure, *before connecting*,
> that the same locale is set on both sides - ideally UTF-8.

It is also safe for the locale to be different, so long as the
character encodings match.  For instance, all UTF-8 locales are
compatible.

-- 
Sincerely,
Demi Marie Obenour (she/her/hers)
-------------- next part --------------
A non-text attachment was scrubbed...
Name: OpenPGP_0xB288B55FFF9C22C1.asc
Type: application/pgp-keys
Size: 4885 bytes
Desc: OpenPGP public key
URL: <http://lists.mindrot.org/pipermail/openssh-unix-dev/attachments/20220426/787b7327/attachment.bin>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: OpenPGP_signature
Type: application/pgp-signature
Size: 833 bytes
Desc: OpenPGP digital signature
URL: <http://lists.mindrot.org/pipermail/openssh-unix-dev/attachments/20220426/787b7327/attachment.asc>


More information about the openssh-unix-dev mailing list