OpenSSH should have a way to allow the user to change the environment in a secure way. Using .profile (or similar) is not a solution since such rc files are not always sourced when a command is used, such as in ssh -t <host> env with the official bash (not Debian's) on the remote side. The ~/.ssh/environment solution cannot be used in practice since: 1. Values are hardcoded in the file (I have not tried, though, but things like `program` are not documented, so I suppose that this isn't possible). 2. PermitUserEnvironment is set to "no" by default, and would remain to "no" anyway if there are access restrictions (I wonder if this is really useful though, because ~/.ssh/rc probably allows the user to do much more). So, I think that sshd should have an option to allow the user to set the chosen remote shell independently of his login shell (which could also be a wrapper to the login shell, that sets up the environment). This is more or less a shorthand of: ssh ... "exec my_shell -lc ..." Alternatively, make the ~/.ssh/environment mechanism more flexible (not just "yes" or "no", and in some conditions, allow the user to run programs such as LC_CTYPE=`command` -- but as the user can run programs in his ~/.ssh/rc file, I don't think this is a problem here).
Sorry, but we aren't interested in adding more mechanisms for env setting or making the existing ones more powerful (certainly not adding shell execution to .ssh/environment). sshd_config:AcceptEnv and ssh_config:SendEnv should do almost everything you need already.
FYI, sshd_config:AcceptEnv and ssh_config:SendEnv are useless for things like locale settings, since the values are platform-specific. So, the only solution is to write a wrapper to ssh, but with the need to parse the arguments, which is not really easy...
Close bugs fixed/reviewed for openssh-5.2 release