bugzilla-daemon at mindrot.org
2020-Apr-29 19:56 UTC
[Bug 3156] New: Prevent ~/.ssh creation
https://bugzilla.mindrot.org/show_bug.cgi?id=3156

            Bug ID: 3156
           Summary: Prevent ~/.ssh creation
           Product: Portable OpenSSH
           Version: 8.2p1
          Hardware: amd64
                OS: Linux
            Status: NEW
          Severity: enhancement
          Priority: P5
         Component: ssh
          Assignee: unassigned-bugs at mindrot.org
          Reporter: alexandreprovencio at gmail.com

Hello Guys,

In my use case, I really don't need anything that is created on `~/.ssh`, except for the `known_hosts` file. I like the way the XDG specification works, so I tried changing the value of UserKnownHostsFile to something like `~/.cache/known_hosts` which works fine, but ssh still creates an empty `~/.ssh`.

Can it be avoided or is it really hardcoded?

--
You are receiving this mail because:
You are watching the assignee of the bug.

https://bugzilla.mindrot.org/show_bug.cgi?id=3156

alexandreprovencio at gmail.com changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |alexandreprovencio at gmail.com

https://bugzilla.mindrot.org/show_bug.cgi?id=3156

Damien Miller <djm at mindrot.org> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |djm at mindrot.org

--- Comment #1 from Damien Miller <djm at mindrot.org> ---
There is no way at present. Since ssh assumes pretty deeply that ~/.ssh exists, to implement this properly would require that ssh search its configuration for anything that may write to that directory before it stopped doing so.

https://bugzilla.mindrot.org/show_bug.cgi?id=3156

Darren Tucker <dtucker at dtucker.net> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |dtucker at dtucker.net

--- Comment #2 from Darren Tucker <dtucker at dtucker.net> ---
(In reply to Damien Miller from comment #1)
> There is no way at present. Since ssh assumes pretty deeply that
> ~/.ssh exists

Most of the uses I can think of are on the server side, and most of those (and the client for that matter) are read-only. I'll try moving it and see what breaks.

https://bugzilla.mindrot.org/show_bug.cgi?id=3156

--- Comment #3 from Darren Tucker <dtucker at dtucker.net> ---
Created attachment 3402
  --> https://bugzilla.mindrot.org/attachment.cgi?id=3402&action=edit
create ~/.ssh on demand

~/.ssh/known_hosts is the only thing I could find. ssh-keygen does its own thing which looks more or less ok.

https://bugzilla.mindrot.org/show_bug.cgi?id=3156

Darren Tucker <dtucker at dtucker.net> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|NEW                         |RESOLVED
         Resolution|---                         |FIXED
             Blocks|                            |3162

--- Comment #4 from Darren Tucker <dtucker at dtucker.net> ---
The patch has been applied and will be in the next major release. Thanks for the report.

Referenced Bugs:

https://bugzilla.mindrot.org/show_bug.cgi?id=3162
[Bug 3162] Tracking bug for 8.4 release

https://bugzilla.mindrot.org/show_bug.cgi?id=3156

--- Comment #5 from alexandreprovencio at gmail.com ---
That's great! Thank you lots for your time :)

https://bugzilla.mindrot.org/show_bug.cgi?id=3156

Darren Tucker <dtucker at dtucker.net> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|RESOLVED                    |CLOSED

--- Comment #6 from Darren Tucker <dtucker at dtucker.net> ---
Mass close of all bugs fixed in 8.4 release.