Bug 2385 - ssh does not document relative priorities among various methods of specifying login name
Summary: ssh does not document relative priorities among various methods of specifying...
Status: CLOSED FIXED
Alias: None
Product: Portable OpenSSH
Classification: Unclassified
Component: Documentation (show other bugs)
Version: 6.8p1
Hardware: All All
: P5 enhancement
Assignee: Darren Tucker
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2015-04-17 23:43 AEST by Jakub Jelen
Modified: 2021-04-23 15:00 AEST (History)
2 users (show)

See Also:

Attachments
proposed patch (1.22 KB, patch)
2015-04-17 23:43 AEST, Jakub Jelen 		no flags Details | Diff
View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Jakub Jelen 2015-04-17 23:43:14 AEST 
Created attachment 2596 [details]
proposed patch

+++ This bug was created as a clone from Red Hat bugzilla 1196989 +++

Description of problem:
I am aware of following methods of specifying the login name to the ssh program:

1. /etc/ssh/ssh_config
2. ~/.ssh/config
3. -l option to ssh 
4. user@hostname syntax

The SSH(1) man page does not clarify behaviour in case multiple of the above options are use simultaneously. Even the ssh -vv output does not log any message in such cases.

[...]

--- Additional comments ---

From my POV, it would be useful to mention these priorities in documentation. Also I would mention that if nothing defined, username is obtained from current user. And where does live priority of -o switch.

Based on my experience and observation, the exhaustive explanation of priorities would look like this:

     1.   user specified before @ character in hostname string
     2.   login_name specified using -l switch
     3.   User option provided as a parametr to -o switch
     4.   User option in matching Host block from per-user config ~/.ssh/config
     5.   User option in matching Host block from systemwide config /etc/ssh/ssh_config
If there is nothing from above specified, username on local terminal is used.

(as attached documentation source in path, this is for readability)

Feel free to comment if I missed something or you would spell it better. It is not critical, but nice to have thing.
Comment 1 Darren Tucker 2015-04-28 15:04:10 AEST 
(In reply to Jakub Jelen from comment #0)
> Created attachment 2596 [details]
> proposed patch
> 
> +++ This bug was created as a clone from Red Hat bugzilla 1196989 +++
> 
> Description of problem:
> I am aware of following methods of specifying the login name to the
> ssh program:
> 
> 1. /etc/ssh/ssh_config
> 2. ~/.ssh/config
> 3. -l option to ssh 
> 4. user@hostname syntax
> 
> The SSH(1) man page does not clarify behaviour in case multiple of
> the above options are use simultaneously.

It's in ssh_config(5).  ssh(1) says:

"""
ssh may additionally obtain configuration data from a per-user configuration file and a system-wide configuration file.  The file format and configuration options are described in ssh_config(5).
"""

which in turn says:

"""
ssh(1) obtains configuration data from the following sources in the following order:

  1.   command-line options
  2.   user's configuration file (~/.ssh/config)
  3.   system-wide configuration file (/usr/local/etc/ssh_config)

For each parameter, the first obtained value will be used.
"""

I don't think the -l user / user@ behaviour is documented, though. 

> Even the ssh -vv output does not log any message in such cases.

If you're referring specifically to the username that ends up being used, this was recently added:

http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/usr.bin/ssh/sshconnect.c.diff?r1=1.260&r2=1.261
Comment 2 Damien Miller 2018-07-12 15:48:28 AEST 
as of OpenSSH 7.8, ssh uses the strict first-match-wins ordering as described in ssh_config(5)
Comment 3 Damien Miller 2021-04-23 15:00:26 AEST 
closing resolved bugs as of 8.6p1 release