similar to: Feedback regarding the ssh(1) Match directive

Using these escapes, the include directive can be crafted to include differing, host-specific configuration. Ronan Pigott (2): Permit %L and %l percent escapes in ssh Include Permit %L and %l percent escapes in sshd Include readconf.c | 16 +++++++++++++--- servconf.c | 17 ++++++++++++++--- 2 files changed, 27 insertions(+), 6 deletions(-) base-commit:

... and I guess your next question will be about compilation environment, so: ``` $ gcc --version gcc (Gentoo 13.2.1_p20240210 p14) 13.2.1 20240210 Copyright (C) 2023 Free Software Foundation, Inc. This is free software; see the source for copying conditions. There is NO warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. ``` I'm running on gentoo. I tested that the

This allows the localhost percent-style escapes in arguments to the Include directive. These are useful for including host-specific ssh configuration. --- readconf.c | 16 +++++++++++++--- 1 file changed, 13 insertions(+), 3 deletions(-) diff --git a/readconf.c b/readconf.c index a2282b562df0..ad47d0e9730a 100644 --- a/readconf.c +++ b/readconf.c @@ -1030,7 +1030,8 @@

Hey there, I often want different behavior in my ssh client depending on whether I'm logging into an interactive session or running a remote non-interactive command. We can see at, say, https://unix.stackexchange.com/a/499562/305714 that this isn't a unique wish, and existing solutions are kind of baroque. Typical reasons to do this are to immediately go into a screen or tmux session; for

Hello! I'm hoping that Gmail won't HTML format this mail so that I'll get flamed :) Anyway, my question relates to ssh_config. The problem I find is that the Host pattern is only applied to the argument given on the command line, as outlined in the man page: "The host is the hostname argument given on the command line (i.e. the name is not converted to a canonicalized host name

Numerous how-tos all over the Internet show how one would set up a tunnel using ssh, e.g.: ssh -f -o Tunnel=ethernet <server_ip> true I was wondering if there's a way to subsequently acquire the names of the local and remote tun/tap interfaces (e.g., using the default "-w any:any") for subsequent automatic tunnel configuration, e.g.: ip link set $TapDev up ip link set

Hi, (I'm not subscribed to the list, so please CC me on reply.) I'd like to request adding a feature to OpenSSH: Task: ~~~~~ It is quite sometime useful to invoke a program prior to connecting to an ssh server. The most common use case will probably be port knocking. That is a small program sends certain packets to a server and the server reacts to this by unlocking the ssh port, which

This provides a mechanism to attach arbitrary configure options into the ssh_config file and use them from the LocalCommand and ProxyCommand. Examples: # set FOO to foo LocalEnvMod FOO = foo # append bar to FOO with default separator "," LocalEnvMod FOO += bar # unset FOO LocalEnvMod FOO = # append foo to BAR with separator ":", if BAR is empty

https://bugzilla.mindrot.org/show_bug.cgi?id=2449 Bug ID: 2449 Summary: uid for expansion in ControlPath Product: Portable OpenSSH Version: 7.0p1 Hardware: All OS: All Status: NEW Severity: enhancement Priority: P5 Component: ssh Assignee: unassigned-bugs at mindrot.org

Allow users to specify certificates to be used for authentication on the command line with the '-z' argument when running ssh. For successful authentication, the key pair associated with the certificate must also be presented during the ssh. Certificates may also be specified in ssh_config as a CertificateFile. This option is meant the address the issue mentioned in the following

This allows the localhost percent-style escapes in arguments to the Include directive. These are useful for including host-specific ssh configuration. --- readconf.c | 16 +++++++++++++--- 1 file changed, 13 insertions(+), 3 deletions(-) diff --git a/readconf.c b/readconf.c index a2282b562df0..ad47d0e9730a 100644 --- a/readconf.c +++ b/readconf.c @@ -1030,7 +1030,8 @@

Hi, Not sure if this anyone else is interested in this but to me it seems to make sense to use different control session multiplexer sockets for bulk and interactive workloads. Index: auth.c =================================================================== RCS file: /cvs/src/usr.bin/ssh/auth.c,v retrieving revision 1.94 diff -u -p -r1.94 auth.c --- auth.c 23 May 2011 03:33:38 -0000 1.94 +++

Heya, Most of the windows ssh clients (putty, securecrt) have anti-idle features. They offer either a null packet or protocol no-op or user defined string to be sent over every x seconds. Is this possible or planned with the OpenSSH client? Our draconian firewall admins have started timing out ssh sessions. Yes I'm aware I could hack up a port forwarding dumb traffic process, but was

Hello, This change is to get the IdentityFile option processed from the included configuration files. Regards, Oleg Oleg Zhurakivskyy (1): Process the IdentityFile option from the included files readconf.c | 14 ++++++-------- 1 file changed, 6 insertions(+), 8 deletions(-) -- 2.9.3

Hello everybody, I'm a C/C++ consultant working for Ericsson. I changed the OpenSSH-Portable code to add a new criteria into the Match sshd_config option read by the sshd server. The new criteria is "Subsystem"; so a conditional block based on subsystem client request can now be added to the sshd_config configuration server file to override settings in its global section.

https://bugzilla.mindrot.org/show_bug.cgi?id=3474 Bug ID: 3474 Summary: ssh_config can escape double quotes with a backslash Product: Portable OpenSSH Version: v9.0p1 Hardware: Other OS: Linux Status: NEW Severity: enhancement Priority: P5 Component: ssh Assignee:

Hi, Just a usecase that I'm sure has been covered before but just in case its not an openssh solution would be very helpful. I was trying to install software on a server that was firewalled so no outbound http connections would work. I was also tunnelling via another server. Outbound ssh connections also were a convenient option. What would have been nice would be a remote version of

This patch series consists of minor fixes and cleanups I made during update to openssh V_4_6 branch. openssh/auth-pam.c | 9 ++++----- openssh/auth2.c | 2 -- openssh/readconf.c | 7 ++++--- openssh/servconf.c | 14 ++++++++------ openssh/sftp-server.c | 9 ++++++--- openssh/sshd.c | 2 +- 6 files changed, 23 insertions(+), 20 deletions(-) -- ldv

Could people please test -current? We will be making a release fairly soon. -d -- | By convention there is color, \\ Damien Miller <djm at mindrot.org> | By convention sweetness, By convention bitterness, \\ www.mindrot.org | But in reality there are atoms and space - Democritus (c. 400 BCE)

On Sat, 4 May 2024, openssh at tr.id.au wrote: > Hey there, > > I often want different behavior in my ssh client depending on > whether I'm logging into an interactive session or running > a remote non-interactive command. We can see at, say, > https://unix.stackexchange.com/a/499562/305714 that this isn't a > unique wish, and existing solutions are kind of baroque.