Bug 3073 - Cannot override hostname inside Match after hostname canonicalization
Summary: Cannot override hostname inside Match after hostname canonicalization
Status: CLOSED WONTFIX
Alias: None
Product: Portable OpenSSH
Classification: Unclassified
Component: ssh (show other bugs)
Version: 8.0p1
Hardware: amd64 Linux
: P5 minor
Assignee: Assigned to nobody
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2019-09-21 22:20 AEST by André Breda
Modified: 2020-02-14 15:59 AEDT (History)
1 user (show)

See Also:


Attachments
ssh_config (237 bytes, text/plain)
2019-09-21 22:20 AEST, André Breda
no flags Details

Note You need to log in before you can comment on or make changes to this bug.
Description André Breda 2019-09-21 22:20:40 AEST
Created attachment 3330 [details]
ssh_config

(I marked it as a bug instead of an enhancement because I found nothing in the man page that suggested I couldn't do this. It also probably applies to all hardware and OSes)

Where I work, we tend to only access our stuff from our own workstation, as an additional layer of security. Also, I don't want to type a full FQDN everytime I want to use ssh.

In order to connect to work machines I usually ssh-ed into my workstation, then to the machine that I wanted.
Eventually I got tired of the repetition, wanted to automate it and came up with the attached configuration.

However, the HostName option is not applied and it tries to connect to the canonicalized hostname (checked with -v flag).
If I replace "Match final ..." with "Host *" it works because canonicalization no longer occurs (checked with -v flag).
Comment 1 Damien Miller 2020-01-26 20:35:00 AEDT
Right - this won't work. OpenSSH's configuration is first-match-wins for most options (including Hostname), i.e. each option may only be set once and subsequent attempts to modify it are ignored.

Hostname canonicalisation counts as setting Hostname as far as the configuration is concerned. There's no practical way to avoid this I'm afraid. I suggest you find some other way to express what you're trying to do.
Comment 2 Damien Miller 2020-02-14 15:59:20 AEDT
Closing all resolved bug with release of openssh-8.2