search for: originalhost

...not change the behaviour of Host matching, whereas the description of CanonicalizeHostname says that it will! But even with canonicalisation on, only canonicalised hostnames should be matched, not any explicit changes specfied by HostName. More worryingly, the problem seems to affect "Match OriginalHost", which is also documented only ever to match the text that was given on the command-line (maybe modified by canonicalisation, depending which section of the manpage you read). The double-scan also introduces uncertainty about the order in which sections are matched, which can have serious fu...

...wise. Comment for match_hostname() (in match.c) even mentions explicitly, that the hostname is expected to be lowercased, which it has been not, since the d56b44d2dfa093883a5c4e91be3f72d99946b170 + eb6d870a0ea8661299bb2ea8f013d3ace04e2024 commit combo. I have no clear position on what to do with originalhost matching, though I would suggest handling it in the same way to prevent gotcha (maybe by lowercasing the argument passed to match_host() and not expecting the caller to do it), so the attached patch only handles (possibly expanded) hostname matching. -- You are receiving this mail because: You ar...

...t might be good to perform the comparisons as such. We can either make sure match_hostname() receives a lowercased string indeed or perform the lowercasing there (carefully as not to introduce side effects). One question is, whether *any* hostname matching should be case insensitive or whether originalhost is better left alone (I can think of reasons for case sensitive matching there, yet they seem to be bordering on misuse of the code). I've also opened https://bugzilla.mindrot.org/show_bug.cgi?id=2685 (patch is attached there as well). Thanks Kind regards Petr -- Petr Cerny Mozilla/OpenS...

https://bugzilla.mindrot.org/show_bug.cgi?id=3543 Bug ID: 3543 Summary: Add a provision to force query of login ID Product: Portable OpenSSH Version: 9.1p1 Hardware: Other OS: Linux Status: NEW Severity: enhancement Priority: P5 Component: ssh Assignee: unassigned-bugs at

If I want to specify for LAN addresses that I don't want to deal with host keys, how do I do that? Understanding the risks, knowing almost everyone will say not to do this - it's a horrible idea, but deciding I want to do it anyway. Tired of having to remove entries from known_hosts with the multiple VM's I have that often change fingerprints, and am willing to live with the risks.

..., NULL, line, "command-line", 0, NULL, SSHCONF_USERCONF) != 0) exit(255); free(line); diff --git a/ssh_config.5 b/ssh_config.5 index 2931d807e..0500bc049 100644 --- a/ssh_config.5 +++ b/ssh_config.5 @@ -145,6 +145,8 @@ The available criteria keywords are: .Cm host , .Cm originalhost , .Cm tagged , +.Cm sessiontype , +.Cm remotecommand , .Cm user , and .Cm localuser . @@ -212,6 +214,7 @@ The other keywords' criteria must be single entries or comma-separated lists and may use the wildcard and negation operators described in the .Sx PATTERNS section. +.Pp The criteria...

... and I guess your next question will be about compilation environment, so: ``` $ gcc --version gcc (Gentoo 13.2.1_p20240210 p14) 13.2.1 20240210 Copyright (C) 2023 Free Software Foundation, Inc. This is free software; see the source for copying conditions. There is NO warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. ``` I'm running on gentoo. I tested that the

...tch exec "ping -q -c 1 -t 1 %n | grep '192\.168\.'" StrictHostKeyChecking no UserKnownHostsFile none On Wed, Aug 26, 2015 at 11:47 PM, Bostjan Skufca <bostjan at a2o.si> wrote: > (+cc list) > > You could use something in the following manner: > > Match originalhost * exec "/check/if/this/hostname/is/on/lan.sh" > ...(lan-specific opts)... > > But this one is a bit tricky to get right, as order of entries begins > to matter more than you would initially anticipate (or at least I > didn't). Also I am not using this mode with...

..., NULL, line, "command-line", 0, NULL, SSHCONF_USERCONF) != 0) exit(255); free(line); diff --git a/ssh_config.5 b/ssh_config.5 index 2931d807e..0500bc049 100644 --- a/ssh_config.5 +++ b/ssh_config.5 @@ -145,6 +145,8 @@ The available criteria keywords are: .Cm host , .Cm originalhost , .Cm tagged , +.Cm sessiontype , +.Cm remotecommand , .Cm user , and .Cm localuser . @@ -212,6 +214,7 @@ The other keywords' criteria must be single entries or comma-separated lists and may use the wildcard and negation operators described in the .Sx PATTERNS section. +.Pp The criteria...

Hi, I noticed the recent commit adding Match support to ssh(1). I look forward to giving it a try, but I have some initial feedback based on ssh_config.5 and an examiniation of match_cfg_line(). First, the "command" keyword could be a little deceptive. Although the man page makes the use of this keyword quite clear, my initial assumption was that the intent was to match against the

Hey there, I often want different behavior in my ssh client depending on whether I'm logging into an interactive session or running a remote non-interactive command. We can see at, say, https://unix.stackexchange.com/a/499562/305714 that this isn't a unique wish, and existing solutions are kind of baroque. Typical reasons to do this are to immediately go into a screen or tmux session; for

On Mon, Jan 18, 2010 Joachim Schipper wrote: > What this patch does can be described as follows: > > Without: > you at local$ ssh somehost > Enter passphrase for RSA key 'foo': > you at somehost$ exit > $ ssh otherhost > Enter passphrase for RSA key 'foo': > you at otherhost$ > > With: > you at local$ ssh somehost > Enter passphrase for RSA