There is no apparent way to give the ssh command line tool an option value, either on the command line or in the ssh_config file, which includes a double-quote (") character (ASCII 34). Neither doubling the quotation mark nor escaping it with a backslash seem to work. The manual pages do not describe any other escape syntax. Either an escape mechanism should be added, or (if one already exists) the documentation should be updated to describe it clearly. Background: On some systems (in my particular case, it's MacOS 10.5), it is possible for a user's login name to contain a double-quotation mark character. There does not seem to be any way to provide a username of this kind to the command line tool, either via the configuration file or using the command-line "-o User=xxx" syntax. If no escape mechanism exists for this case, I would recommend using doubling to denote internal quotes. This avoids the need to also quote a separate escape character, and should not disturb existing configuration files.
I think the correct approach for this would be to adapt sftp.c:makeargv() for use in servconf.c/readconf.c. These would need to abandon strdelim() and pass around an argc/argv and a current arg offset. This would have the added benefit of making argument parsing behave in a much more shell-like manner in the client and server configs.
We are freezing for the OpenSSH 5.6 release. Retargetting these bugs to the next release.
Targetting OpenSSH 5.7
Retarget unclosed bugs from 5.7=>5.8
Retarget unresolved bugs/features to 6.0 release
Retarget unresolved bugs/features to 6.0 release (try again - bugzilla's "change several" isn't)
Retarget from 6.0 to 6.1
Retarget 6.0 => 6.1
Retarget uncompleted bugs from 6.1 => 6.2
Retarget bugs from 6.1 => 6.2
retarget to openssh-6.3
Retarget to openssh-6.4
Retarget 6.3 -> 6.4
Retarget incomplete bugs / feature requests to 6.6 release
Retarget to 6.7 release, since 6.6 was mostly bugfixing.
Remove from 6.6 tracking bug
Retarget incomplete bugs to 6.8 release.
These bugs are no longer targeted at the imminent 6.7 release
OpenSSH 6.8 is approaching release and closed for major work. Retarget these bugs for the next release.
Retarget to 6.9
auth2-pubkey.c's split_argv() would be better choice than sftp.c:makeargv(), as the latter has a bunch of goop to deal with glob characters that isn't relevant to argument parsing. Another option is a more drastic replacement of the config language, which has been discussed a little.
Retarget pending bugs to openssh-7.1
Retarget to openssh-7.3
retarget unfinished bugs to next release
OpenSSH 7.4 release is closing; punt the bugs to 7.5
Move incomplete bugs to openssh-7.6 target since 7.5 shipped a while back. To calibrate expectations, there's little chance all of these are going to make 7.6.
remove 7.5 target
Created attachment 3038 [details] teach strdelim a set of escapes This teaches misc.c:strdelim() a few escape sequences that can be used in quoted strings. The sequences aren't accepted elsewhere. I'm unsure of whether this will break any existing configurations, but I can't think of many cases where '\' could appear in existing strings.
(In reply to Damien Miller from comment #34) [...] > I'm unsure of whether this will break any existing configurations, > but I can't think of many cases where '\' could appear in existing > strings. I can think of one example: Windows domain\user notation, although I don't know if that would show up here.
This has been committed and will be in OpenSSH 7.7 commit 713d9cb510e0e7759398716cbe6dcf43e574be71 (HEAD -> master) Author: djm@openbsd.org <djm@openbsd.org> Date: Fri Mar 2 03:02:11 2018 +0000 upstream: Allow escaped quotes \" and \' in ssh_config and sshd_config quotes option strings. bz#1596 ok markus@ OpenBSD-Commit-ID: dd3a29fc2dc905e8780198e5a6a30b096de1a1cb
This attempt to implement escaped quotes caused regressions in existing configurations. I'll try again after the 7.7 release.
Move to OpenSSH 7.8 tracking bug
Retarget remaining bugs planned for 7.8 release to 7.9
Retarget unfinished bugs to OpenSSH 8.0
Retarget outstanding bugs at next release
Retarget these bugs to 8.2 release
Prepare for 8.2 release; retarget bugs
Retarget bugs to 8.4 release
retarget to 8.6
retarget after 8.6p1 release
sshd_config got a new string tokeniser in commit a10f929d and ssh_config got the same treatment in commit ea9e45c89 Both support quoted strings, quoted space and quoted quotes in strings.
closing bugs resolved before the openssh-8.9 release