Peter Fischer
2007-Apr-19 15:12 UTC
Is it possible to add %u for local user to ControlPath's argument in the portable version of OpenSSH?
Hi!

From man 5 ssh_config:

> ControlPath
>     Specify the path to the control socket used for connection sharing as described in the
>     ControlMaster section above or the string ``none'' to disable connection sharing. In
>     the path, `%l' will be substituted by the local host name, `%h' will be substituted by
>     the target host name, `%p' the port, and `%r' by the remote login username. It is
>     recommended that any ControlPath used for opportunistic connection sharing include at
>     least %h, %p, and %r. This ensures that shared connections are uniquely identified.

Question:
Could you please add an %u for the local user to the control path setting? *pleeze* ;)

With the latest OpenSSH version on Gentoo linux

> me at myhost ~ % ssh -V
> OpenSSH_4.6p1-hpn12v16, OpenSSL 0.9.8d 28 Sep 2006

using %u gives this error:

> me at myhost ~ % ssh qqgss at dbha30.muc
> percent_expand: unknown key %u

From http://marc.info/?l=openssh-unix-dev&m=111856810721769&w=2 and followups I learned that it is available in the BSD version since a few years ago.

If %u was available one could put

    ControlMaster auto
    ControlPath /tmp/%u@%L->%r@%h:%p

in /etc/ssh/ssh_config and all users on a machine would benefit from connection sharing with two centrally maintained lines of configuration and without the following problem.

DESCRIPTION:
============

/etc/ssh/ssh_config settings are:

> ControlMaster auto
> ControlPath /tmp/%l->%r@%h:%p # because %u does not work

user1 on localmachine sshs to remoteaccount on remotemachine, socket looks like:

> localmachine ~ # ls -l /tmp
> srw------- 1 user1 user1 0 19. Apr 14:05 localmachine->remoteaccount at remotemachine:22

if now user2 on localmachine tries the same, he gets an error message

> user2 at localmachine ~ % ssh remoteaccount at remotemachine
> Control socket connect(/tmp/localmachine->remoteaccount at remotemachine:22): Permission denied
> ControlSocket /tmp/localmachine->remoteaccount at remotemachine:22 already exists

because user1 owns a connection sharing socket of that name already. If one could use %u in ControlPath's argument, sockets would look like

> localmachine ~ # ls -l /tmp
> srw------- 1 user1 user1 0 19. Apr 14:06 user1 at localmachine->remoteaccount at remotemachine:22
> srw------- 1 user2 user2 0 19. Apr 14:07 user2 at localmachine->remoteaccount at remotemachine:22

and user1 as well as user2 could experience fast subsequent ssh connections to remoteaccount at remotemachine.

Alternatives would be:

> ControlPath ~/.ssh/%r@%h:%p

...but I do not like the idea of a cluttered ~/.ssh/ with stale entries (/tmp is usually maintained/uncluttered by tmpreaper etc, mine is on a tmpfs, also some users' ~ are filled to the quota sometimes)

or one would have to maintain some lines in every ~/.ssh/config in every user's home...

> ControlMaster auto
> ControlPath /tmp/username@%l->%r@%h:%p # because %u does not work

:(

Thank you for reading,
Peter
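As an added illustration (not code from the post or from OpenSSH itself), here is a small Python emulation of ControlPath percent expansion that reproduces the collision described above: with the same template in a site-wide ssh_config, both local users end up at one socket path unless %u is part of it, and a build that does not know %u fails the way the post shows. Treating %L as the short local host name, and the UnknownKeyError name, are assumptions of this example.

```python
"""Emulate OpenSSH's ControlPath percent expansion to show the per-user socket collision."""

# %l %h %p %r are the keys in the ssh_config(5) text quoted above; %u is the key the
# poster asks for. Treating %L as the short local host name is an assumption here.
KNOWN_KEYS = frozenset("lLhpru")
OLD_KEYS = frozenset("lhpr")  # what the poster's 4.6p1 build accepts

class UnknownKeyError(ValueError):
    """Raised where the real client prints 'percent_expand: unknown key %X'."""

def percent_expand(template, values, supported=KNOWN_KEYS):
    """Expand %-tokens the way ssh does; '%%' is a literal percent sign."""
    out, i = [], 0
    while i < len(template):
        if template[i] != "%":
            out.append(template[i])
            i += 1
            continue
        key = template[i + 1] if i + 1 < len(template) else ""
        if key == "%":
            out.append("%")
        elif key in supported and key in values:
            out.append(str(values[key]))
        else:
            raise UnknownKeyError(f"percent_expand: unknown key %{key}")
        i += 2
    return "".join(out)

def session(local_user, local_host, remote_user, remote_host, port=22):
    """Token values for one client session (constructed, not read from a real socket)."""
    return {"u": local_user, "l": local_host, "L": local_host.split(".", 1)[0],
            "r": remote_user, "h": remote_host, "p": port}

def colliding_paths(template, sessions, supported=KNOWN_KEYS):
    """Socket paths two different local users would both try to create: the
    'Permission denied ... already exists' case from the post."""
    owners = {}
    for s in sessions:
        owners.setdefault(percent_expand(template, s, supported), set()).add(s["u"])
    return sorted(p for p, users in owners.items() if len(users) > 1)

# Constructed sample: user1 and user2 on localmachine both ssh to remoteaccount@remotemachine.
SESSIONS = [session("user1", "localmachine", "remoteaccount", "remotemachine"),
            session("user2", "localmachine", "remoteaccount", "remotemachine")]
WITHOUT_U = "/tmp/%l->%r@%h:%p"   # workaround from the post: one shared path, collides
WITH_U = "/tmp/%u@%l->%r@%h:%p"   # requested form: one socket per local user
```

`colliding_paths(WITHOUT_U, SESSIONS)` returns the single shared path, while the `WITH_U` template yields none; passing `supported=OLD_KEYS` raises the "unknown key %u" error.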
Daniel Kahn Gillmor
2007-Apr-20 01:02 UTC
Is it possible to add %u for local user to ControlPath's argument in the portable version of OpenSSH?
On Thu 2007-04-19 11:12:37 -0400, Peter Fischer wrote:

> Question:
> Could you please add an %u for the local user to the control path
> setting? *pleeze* ;)

Maybe something like this would work better:

    ControlPath ~/.ssh/control.%r@%h:%p

(and make sure every new user starts off with a ~/.ssh:

    mkdir /etc/skel/.ssh

)

That way there's no possibility of collisions or deliberate denial of service by cluttering /tmp.

--dkg