openssh bugs - Apr 2015 - [Bug 2385] New: ssh does not document relative priorities among various methods of specifying login name

https://bugzilla.mindrot.org/show_bug.cgi?id=2385

            Bug ID: 2385
           Summary: ssh does not document relative priorities among
                    various methods of specifying login name
           Product: Portable OpenSSH
           Version: 6.8p1
          Hardware: Other
                OS: Linux
            Status: NEW
          Severity: enhancement
          Priority: P5
         Component: Documentation
          Assignee: unassigned-bugs at mindrot.org
          Reporter: jjelen at redhat.com

Created attachment 2596
  --> https://bugzilla.mindrot.org/attachment.cgi?id=2596&action=edit
proposed patch

+++ This bug was created as a clone from Red Hat bugzilla 1196989 +++

Description of problem:
I am aware of following methods of specifying the login name to the ssh
program:

1. /etc/ssh/ssh_config
2. ~/.ssh/config
3. -l option to ssh 
4. user at hostname syntax

The SSH(1) man page does not clarify behaviour in case multiple of the
above options are use simultaneously. Even the ssh -vv output does not
log any message in such cases.

[...]

--- Additional comments ---
>From my POV, it would be useful to mention these priorities in
documentation. Also I would mention that if nothing defined, username
is obtained from current user. And where does live priority of -o
switch.

Based on my experience and observation, the exhaustive explanation of
priorities would look like this:

     1.   user specified before @ character in hostname string
     2.   login_name specified using -l switch
     3.   User option provided as a parametr to -o switch
     4.   User option in matching Host block from per-user config
~/.ssh/config
     5.   User option in matching Host block from systemwide config
/etc/ssh/ssh_config
If there is nothing from above specified, username on local terminal is
used.

(as attached documentation source in path, this is for readability)

Feel free to comment if I missed something or you would spell it
better. It is not critical, but nice to have thing.

-- 
You are receiving this mail because:
You are watching the assignee of the bug.

https://bugzilla.mindrot.org/show_bug.cgi?id=2385

Darren Tucker <dtucker at zip.com.au> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |dtucker at zip.com.au
             Status|NEW                         |ASSIGNED

--- Comment #1 from Darren Tucker <dtucker at zip.com.au> ---
(In reply to Jakub Jelen from comment #0)
> Created attachment 2596 [details]
> proposed patch
> 
> +++ This bug was created as a clone from Red Hat bugzilla 1196989 +++
> 
> Description of problem:
> I am aware of following methods of specifying the login name to the
> ssh program:
> 
> 1. /etc/ssh/ssh_config
> 2. ~/.ssh/config
> 3. -l option to ssh 
> 4. user at hostname syntax
> 
> The SSH(1) man page does not clarify behaviour in case multiple of
> the above options are use simultaneously.
It's in ssh_config(5).  ssh(1) says:

"""
ssh may additionally obtain configuration data from a per-user
configuration file and a system-wide configuration file.  The file
format and configuration options are described in ssh_config(5).
"""

which in turn says:

"""
ssh(1) obtains configuration data from the following sources in the
following order:

  1.   command-line options
  2.   user's configuration file (~/.ssh/config)
  3.   system-wide configuration file (/usr/local/etc/ssh_config)

For each parameter, the first obtained value will be used.
"""

I don't think the -l user / user@ behaviour is documented, though. 
> Even the ssh -vv output does not log any message in such cases.
If you're referring specifically to the username that ends up being
used, this was recently added:

http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/usr.bin/ssh/sshconnect.c.diff?r1=1.260&r2=1.261

-- 
You are receiving this mail because:
You are watching the assignee of the bug.
You are watching someone on the CC list of the bug.

https://bugzilla.mindrot.org/show_bug.cgi?id=2385

Darren Tucker <dtucker at zip.com.au> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
           Hardware|Other                       |All
                 OS|Linux                       |All

-- 
You are receiving this mail because:
You are watching the assignee of the bug.
You are watching someone on the CC list of the bug.

https://bugzilla.mindrot.org/show_bug.cgi?id=2385

Darren Tucker <dtucker at zip.com.au> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
           Assignee|unassigned-bugs at mindrot.org |dtucker at zip.com.au

-- 
You are receiving this mail because:
You are watching the assignee of the bug.
You are watching someone on the CC list of the bug.

https://bugzilla.mindrot.org/show_bug.cgi?id=2385

Damien Miller <djm at mindrot.org> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
         Resolution|---                         |FIXED
                 CC|                            |djm at mindrot.org
             Status|ASSIGNED                    |RESOLVED

--- Comment #2 from Damien Miller <djm at mindrot.org> ---
as of OpenSSH 7.8, ssh uses the strict first-match-wins ordering as
described in ssh_config(5)

-- 
You are receiving this mail because:
You are watching the assignee of the bug.
You are watching someone on the CC list of the bug.

https://bugzilla.mindrot.org/show_bug.cgi?id=2385

Damien Miller <djm at mindrot.org> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|RESOLVED                    |CLOSED

--- Comment #3 from Damien Miller <djm at mindrot.org> ---
closing resolved bugs as of 8.6p1 release

-- 
You are receiving this mail because:
You are watching the assignee of the bug.
You are watching someone on the CC list of the bug.