Dick Visser
2020-Feb-27 13:24 UTC
Configurable list of tokens to include in %C token for ControlPath?
Hi,

We are using multiplexing which works well in most cases. However we have run into a case where the '%C' token for ControlPath isn't unique enough. %C is a hash of:

  %l  The local hostname, including the domain name.
  %h  The remote hostname.
  %p  The remote port.
  %r  The remote username.

We have a number of different environments that each have their own jumphost, which is used to reach a number of backend hosts. The SSH config for such an environment looks like this:

  Host customer1-jumphost
      Hostname 3.25.90.121
      User admin

  # Backend
  Host customer1-acc-web1
      Hostname 10.0.1.55
      User admin
      ProxyJump customer1-jumphost

  Host customer1-acc-web2
      Hostname 10.0.1.57
      User admin
      ProxyJump customer1-jumphost

  Host customer1-prod-web1
      Hostname 10.0.1.39
      User admin
      ProxyJump customer1-jumphost

  Host customer1-prod-web2
      Hostname 10.0.1.39
      User admin
      ProxyJump customer1-jumphost

We have a number of them, so the second one:

  Host customer2-jumphost
      Hostname 3.132.66.18
      User admin

  # Backend
  Host customer2-acc-web1
      Hostname 10.0.1.12
      User admin
      ProxyJump customer2-jumphost

  Host customer2-acc-web2
      Hostname 10.0.1.14
      User admin
      ProxyJump customer2-jumphost

  Host customer2-prod-web1
      Hostname 10.0.1.44
      User admin
      ProxyJump customer2-jumphost

  Host customer2-prod-web2
      Hostname 10.0.1.47
      User admin
      ProxyJump customer2-jumphost

The backend nodes are assigned random IP addresses but from static pools, so it is quite common that the same backend IP exists for different customers. This is when things start to break, as all four components that are used to create the %C hash are the same, so ssh-ing to one host will actually sign you in to a different host.

I've experimented a bit with combinations of other tokens, but then I eventually run into file system issues with the path being invalid or too long. This is what the hashing concept of %C was meant to address, but its static token composition can be limiting.
In my case, adding %n (the original remote hostname, as given on the command line) to the hash would fix things. A configuration option that defines the tokens to be included in the hash would be ideal. Something like "ControlPathHashTokens" which would default to the current set of %l%h%p%r.

Is it worth submitting this as an enhancement to the bugtracker?

thx

--
Dick Visser
Trust & Identity Service Operations Manager
GÉANT
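A small check for the collision described above, added here as an example and not part of the original mail or of OpenSSH: it computes %C for every Host block the way the post gives it (SHA-1 over %l%h%p%r) and reports aliases that would end up sharing one ControlPath socket. The config is constructed to mirror the post's layout; the local hostname and default user are passed in by the caller, the assumption that the four fields are concatenated with no separator is mine, and wildcard Host patterns and Match blocks are not modelled.

```python
import hashlib
from collections import defaultdict

# Constructed sample config in the shape of the post: two customers whose
# backend pools handed out the same private address behind different jumphosts.
SAMPLE_CONFIG = """
Host customer1-prod-web1
    Hostname 10.0.1.39
    User admin
    ProxyJump customer1-jumphost
Host customer2-prod-web1
    Hostname 10.0.1.39
    User admin
    ProxyJump customer2-jumphost
"""

def parse_hosts(text):
    """Return {alias: {keyword: value}} for each Host block (Match blocks are skipped)."""
    hosts, current = {}, None
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()
        if not line:
            continue
        key, *rest = line.replace("=", " ", 1).split(None, 1)
        key, value = key.lower(), (rest[0].strip() if rest else "")
        if key == "host":
            current = hosts.setdefault(value, {})
        elif key == "match":
            current = None  # Match blocks are not modelled here
        elif current is not None:
            current.setdefault(key, value)  # ssh keeps the first value it sees

    return hosts

def control_path_hash(local_host, remote_host, port, user):
    """%C as the post describes it: SHA-1 over %l%h%p%r, hex-encoded.
    Assumed here: the four fields are concatenated with no separator."""
    h = hashlib.sha1()
    for field in (local_host, remote_host, port, user):
        h.update(field.encode())
    return h.hexdigest()

def find_collisions(config_text, local_host, default_user):
    """Map each alias to its %C and return the digests shared by more than one alias."""
    groups = defaultdict(list)
    for alias, opts in parse_hosts(config_text).items():
        digest = control_path_hash(local_host, opts.get("hostname", alias),
                                   opts.get("port", "22"), opts.get("user", default_user))
        groups[digest].append(alias)
    return {d: aliases for d, aliases in groups.items() if len(aliases) > 1}
```

Run `find_collisions(open("~/.ssh/config").read(), socket.getfqdn(), getpass.getuser())` against a real config to list every alias pair that would reuse the same multiplexed connection.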