Match on AddressFamily
Marc Haber
mh+openssh-unix-dev at zugschlus.de
Mon Jun 1 00:31:44 AEST 2026
Hi,
I have in my client config:
Match Localnetwork 2001:db8:43fa:bc82::/64
BindAddress 2001:db8:43fa:bc82::1f:100
to ask my ssh client to use a static address instead of the privacy IPv6
address when I am at my home network.
Sadly, this results in "Address family for hostname not supported" when
I try to ssh out to a server that doesn't have IPv6.
I would like to have a Match on the Address Family of the outgoing
connection, so that I can write like:
Match RemoteAddressFamily inet6 Localnetwork 2001:db8:43fa:bc82::/64
BindAddress 2001:db8:43fa:bc82::1f:100
to make this BindAddress only effective when the outgoing connection
will actually use IPv6.
I can use "Match Exec", but that needs DNS lookups every time I ssh out.
I'd prefer the ssh client to have this kind of flexibility.
It would also be fine if BindAddress would just be honored if the
Address Family of the chosen target address matches. I cannot imagine
that it is the intended behavior to make all connections to IPv4 hosts
impossible when BindAddress is used.
It would be great if I was wrong. If so, please indicate how I can have
what I want with current OpenSSH. I would be happy if that is possible.
Thanks for your consideration.
Greetings
Marc
--
-----------------------------------------------------------------------------
Marc Haber | "I don't trust Computers. They | Mailadresse im Header
Leimen, Germany | lose things." Winona Ryder | Fon: *49 6224 1600402
Nordisch by Nature | How to make an American Quilt | Fax: *49 6224 1600421
More information about the openssh-unix-dev
mailing list