Bug 3073

Summary: Cannot override hostname inside Match after hostname canonicalization
Product: Portable OpenSSH
Reporter: André Breda <andrebreda>
Component: ssh
Assignee: Assigned to nobody <unassigned-bugs>
Status: CLOSED WONTFIX
Severity: minor
CC: djm
Priority: P5
Version: 8.0p1   
Hardware: amd64   
OS: Linux   
Attachments: ssh_config (flags: none)

Description André Breda 2019-09-21 22:20:40 AEST
Created attachment 3330: ssh_config

(I marked it as a bug instead of an enhancement because I found nothing in the man page that suggested I couldn't do this. It also probably applies to all hardware and OSes)

Where I work, we tend to only access our stuff from our own workstation, as an additional layer of security. Also, I don't want to type a full FQDN every time I want to use ssh.

In order to connect to work machines I usually ssh-ed into my workstation, then to the machine that I wanted.
Eventually I got tired of the repetition, wanted to automate it and came up with the attached configuration.

However, the HostName option is not applied and it tries to connect to the canonicalized hostname (checked with -v flag).
If I replace "Match final ..." with "Host *" it works because canonicalization no longer occurs (checked with -v flag).

Comment 1 Damien Miller 2020-01-26 20:35:00 AEDT
Right - this won't work. OpenSSH's configuration is first-match-wins for most options (including Hostname), i.e. each option may only be set once and subsequent attempts to modify it are ignored.

Hostname canonicalisation counts as setting Hostname as far as the configuration is concerned. There's no practical way to avoid this I'm afraid. I suggest you find some other way to express what you're trying to do.
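
The behaviour described in comment 1, as an added ssh_config sketch (not the reporter's attachment and not from the OpenSSH project). It assumes the goal is to reach canonicalized hosts through one workstation; corp.example and ws are placeholder names, and using ProxyJump is one possible way to express that goal, not something the thread proposes.

```sshconfig
# Constructed example: corp.example and ws are placeholder names.
CanonicalizeHostname yes
CanonicalDomains corp.example

# Not effective: by the final pass, canonicalization has already set
# HostName, and HostName is first-match-wins, so this line is ignored.
#Match final host *.corp.example
#    HostName other-name.corp.example

# Effective: ProxyJump has not been set earlier, so the final pass can
# still assign it. The negated pattern keeps the jump host itself direct.
Match final host !ws.corp.example,*.corp.example
    ProxyJump ws.corp.example
```

`ssh -G <short-name>` prints the options ssh would use after evaluating Host and Match blocks, so the resulting hostname and proxyjump values can be checked without connecting.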

Comment 2 Damien Miller 2020-02-14 15:59:20 AEDT
Closing all resolved bugs with release of openssh-8.2