Suggestion for %h in ControlPath - openssh

This is a discussion on Suggestion for %h in ControlPath - openssh ; Hi. Just a suggestion : in the ControlPath syntax, you could add a %H that would expand to the name of the "Host" specification matched, + %h. In my opinion, when you add a "Host" paragraph with a different name ...

+ Reply to Thread
Results 1 to 3 of 3

Thread: Suggestion for %h in ControlPath

  1. Suggestion for %h in ControlPath

    Hi.

    Just a suggestion : in the ControlPath syntax, you could add a %H that
    would expand to the name of the "Host" specification matched, + %h.

    In my opinion, when you add a "Host" paragraph with a different name
    for the same target host, generally you dont want to reuse the same
    control socket. Of course you can write different ControlPath
    directives in each specification paragraph, but i would find it better
    to be able to avoid it. And there can be people adding specifications
    without even knowing realizing that will reuse the same ControlPath.
    (that has been my case recently, as you might have guessed ).

    Best regards,

    --
    Raphael Payen
    _______________________________________________
    openssh-unix-dev mailing list
    openssh-unix-dev@mindrot.org
    https://lists.mindrot.org/mailman/li...enssh-unix-dev


  2. Re: Suggestion for %h in ControlPath

    _______________________________________________
    openssh-unix-dev mailing list
    openssh-unix-dev@mindrot.org
    https://lists.mindrot.org/mailman/li...enssh-unix-dev

    -----BEGIN PGP SIGNATURE-----
    Version: GnuPG v1.4.9 (GNU/Linux)

    iQIVAwUBSM6pTczS7ZTSFznpAQJGOA/7Bv/g0sga9rZUYYS+KL2V5BykDpbezy5L
    +S2gkK/4p60ZGDU1rb4hNLPGln0KUsc6aP6FJyYBSzE3EzsbmggMc2Plb 4QRrn2S
    C/3D2kUBks43a60qr8Q5pAJlRcjyfcobtHCY2kHCGafTTwmlOj2F NCG5XrPwNPQa
    jjXPib1sXPQYN6tBDTlEmjQjZOVvjyO5h0NocG245g6yKXosSP QaAfuAbz2H03UZ
    d8VxJK8FcvtzBY2HvxBxAgJFdH0Vyp/oyGHW5sNL+VxAuxK5yKhisvqULzS3H6pL
    wIcQHrcdUjetyWa//awslxlWyGnFQXpuAwLOcmClupjchBFwu615Yx/m3AMXZx13
    zV+OxdJcpL6I8CW255sPYcIN1jKMFzQmUaToDOxiu/D5DWCFLATbeQc6lTRWwUQg
    A71bPXis7b35byGFVWuTorDyEDqK6Cn/cOtaRgKJk2f6j1a/l/ClnNcMS+5WWyiT
    RyuLqcWiQjXqc2uVZoIeDEiGUSwklqUXswoqAnWoXfNvvzfbDs fMSqsfMRoXdJKY
    4W5Pzc+N+z8yekgM6P+a9tQJyfv/4ahLFhpB9zhBu/2VdkHwG2So23IlMYSLJmgw
    7pCA0qitMr3R57iwoUFFC5Lt+Dg2sjwC292r94aQD8pH/0h16s2s9Sp4P6yiibq4
    VXcefZfWq4I=
    =tYgF
    -----END PGP SIGNATURE-----

  3. Re: Suggestion for %h in ControlPath

    (sorry for the delay)

    On Sep 15, 8:28 pm, d...@fifthhorseman.net (Daniel Kahn Gillmor)
    wrote:
    > > Just a suggestion : in the ControlPath syntax, you could add a %H that
    > > would expand to the name of the "Host" specification matched, + %h.
    > >[...]

    >
    > have you tried including the user and port in the ControlPath? I find
    > that's usually sufficient to distinguish between separate Host stanzas.
    >
    > My default ControlPath setting looks like this:
    >
    > ControlPath ~/.ssh/m/%r@%h:%p


    Yes i also have %h-%p-%r in my ControlPath

    My case is (was) : i use 2 different id_rsa keys to ssh from home
    to my work computer which is behind a gate, or only to the gate.
    In the authorized_keys file on the gate, one of the keys has a
    command prepended:
    command="/bin/sh -c '/usr/bin/ssh -l login office_ip_address \
    ${SSH_ORIGINAL_COMMAND}"
    so it looks for me as if i had sshed straight to my office computer.

    And the choice of which id_rsa key to use is determined in the
    Host stanza matched by the command that i type at home :
    "ssh office" or "ssh gate". Since i am the same user, going to the
    same machine (the gate), on standard port, %h-%p-%r is identical,
    and the first id_rsa key used stays used whatever i type.
    So i wrote a separate ControlPath directive, which solved my problem.

    I dont know if such cases can be common and if this can be worth
    adding a ControlPath syntax, but my subjective opinion is that it
    could be useful.

    --
    Raphael Payen

+ Reply to Thread