bugzilla-daemon at bugzilla.mindrot.org
2018-Apr-06 13:14 UTC
[Bug 1285] provide fallback options /etc/ssh/ssh_config
https://bugzilla.mindrot.org/show_bug.cgi?id=1285 --- Comment #17 from Damien Miller <djm at mindrot.org> --- I've committed the "SendEnv -PATTERN" patch, but it doesn't resolve the other part of the original request - that there be an easy way to remove configuration that has been set by the system ssh_config after ~/.ssh/config has been set. I'm not sure how best to do that generally, but it is possible now in a slightly non-obvious way: when CanonicalizeHostname is enabled, the configuration is parsed a second time and "match canonical" blocks are parsed last. It should be possible to use these to clear any environment variables that are undesired. Note that setting CanonicalizeHostname=yes without setting any CanonicalDomains is almost a no-op wrt hostname processing. The root cause of this is that SendEnv differs from all (?) the other config options by being additive rather than first-match-wins. I'm not sure how fixable that is, since quite a few operating systems include multiple SendEnv in their default configurations and making SendEnv consider only the first matching directive would likely break them. Maybe a proactive SendEnv ban like Flavio's patch is a good band-aid? Please let me know whether what has been committed will solve your current problems. -- You are receiving this mail because: You are watching someone on the CC list of the bug. You are watching the assignee of the bug.