openssh unix dev - Jan 2009 - "Include" directive in ~/.ssh/config (reprise)

Hi,

About a year and a half ago, Hank Leininger posted a plea to this list  
for the inclusion of an Include directive in OpenSSH's configuration  
file.

Hank's suggestion is detailed and thorough enough IMHO, so instead of  
repeating it I'll link it here
http://marc.info/?l=openssh-unix-dev&m=118236823907002&w=2
.

I'm also interested in this feature, and though my C skills aren't  
what they never used to be, I think this is well within the range of  
my ability to undertake, if people here have no objections.

If I'll implement this feature, will it be integrated into the next  
release of OpenSSH? What's the process I should go through for that?

Cheers,
  - Yaniv

On Mon, Jan 5, 2009 at 11:12, Yaniv Aknin <yaniv at aknin.name> wrote:
> If I'll implement this feature, will it be integrated into the next
> release of OpenSSH? What's the process I should go through for that?
I subscribed to this list yesterday so don't take this email as anything
other than personal opinion, but I have been looking for just that
feature recently.
While I would not feel comfortable to apply third-party patches to
something as central and important as OpenSSH, I would definitely
use this feature if it made it into mainline.

Hank Leininger made one important mistake in his example, though:
OpenSSH resolves conflicts by looking at the last, not the first,
config option. I.e. his localoverrides would need to come last.


I might be a good idea to provide an authentication mechanism to
the Include directive. The possible attack scenarios against a
split-up Include files are a lot more and worse than if you had just
/etc/whereever/ and ~/.ssh/ to care about.


Richard