-rw-r--r--usr.bin/ssh/ssh.c22
-rw-r--r--usr.bin/ssh/ssh_config.517
2 files changed, 31 insertions, 8 deletions
diff --git a/usr.bin/ssh/ssh.c b/usr.bin/ssh/ssh.c
index f50a8d7b975..5652a89b745 100644
--- a/usr.bin/ssh/ssh.c
+++ b/usr.bin/ssh/ssh.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssh.c,v 1.274 2006/03/28 00:12:31 deraadt Exp $ */
+/* $OpenBSD: ssh.c,v 1.275 2006/03/30 10:41:25 djm Exp $ */
/*
* Author: Tatu Ylonen <ylo@cs.hut.fi>
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -636,15 +636,15 @@ main(int ac, char **av)
options.control_path = NULL;
if (options.control_path != NULL) {
- char me[NI_MAXHOST];
+ char thishost[NI_MAXHOST];
- if (gethostname(me, sizeof(me)) == -1)
+ if (gethostname(thishost, sizeof(thishost)) == -1)
fatal("gethostname: %s", strerror(errno));
snprintf(buf, sizeof(buf), "%d", options.port);
cp = tilde_expand_filename(options.control_path,
original_real_uid);
options.control_path = percent_expand(cp, "p", buf, "h", host,
- "r", options.user, "l", me, (char *)NULL);
+ "r", options.user, "l", thishost, (char *)NULL);
xfree(cp);
}
if (mux_command != 0 && options.control_path == NULL)
@@ -1173,9 +1173,10 @@ ssh_session2(void)
static void
load_public_identity_files(void)
{
- char *filename;
+ char *filename, *cp, thishost[NI_MAXHOST];
int i = 0;
Key *public;
+ struct passwd *pw;
#ifdef SMARTCARD
Key **keys;
@@ -1199,9 +1200,18 @@ load_public_identity_files(void)
xfree(keys);
}
#endif /* SMARTCARD */
+ if ((pw = getpwuid(original_real_uid)) == NULL)
+ fatal("load_public_identity_files: getpwuid failed");
+ if (gethostname(thishost, sizeof(thishost)) == -1)
+ fatal("load_public_identity_files: gethostname: %s",
+ strerror(errno));
for (; i < options.num_identity_files; i++) {
- filename = tilde_expand_filename(options.identity_files[i],
+ cp = tilde_expand_filename(options.identity_files[i],
original_real_uid);
+ filename = percent_expand(cp, "d", pw->pw_dir,
+ "u", pw->pw_name, "l", thishost, "h", host,
+ "r", options.user, (char *)NULL);
+ xfree(cp);
public = key_load_public(filename, NULL);
debug("identity file %s type %d", filename,
public ? public->type : -1);
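Review bot: `pw` from `getpwuid()` points at static storage, yet `pw->pw_dir` and `pw->pw_name` are read on every pass of the loop after `tilde_expand_filename()` has run; if that helper performs its own passwd lookup (its body is not visible here), the strings handed to `percent_expand()` may already have been overwritten. Copy them once right after the NULL check, `pwname = xstrdup(pw->pw_name); pwdir = xstrdup(pw->pw_dir);`, pass the copies for `"u"` and `"d"`, and `xfree()` both after the loop. Separately, `host` and `options.user` are substituted into a local key path with no visible check for `/` or `..` components, so it is worth confirming they are validated before this point. The ssh_config.5 hunk of this commit lists `%h` twice; the second entry should read `%r` to match the `"r"` key used here. The function starts before this hunk and the loop body continues past it.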
diff --git a/usr.bin/ssh/ssh_config.5 b/usr.bin/ssh/ssh_config.5
index 5b02ef821d2..9c621336e27 100644
--- a/usr.bin/ssh/ssh_config.5
+++ b/usr.bin/ssh/ssh_config.5
@@ -34,7 +34,7 @@
.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
.\"
-.\" $OpenBSD: ssh_config.5,v 1.89 2006/03/14 16:32:48 markus Exp $
+.\" $OpenBSD: ssh_config.5,v 1.90 2006/03/30 10:41:25 djm Exp $
.Dd September 25, 1999
.Dt SSH_CONFIG 5
.Os
@@ -548,8 +548,21 @@ and
for protocol version 2.
Additionally, any identities represented by the authentication agent
will be used for authentication.
+.Pp
The file name may use the tilde
-syntax to refer to a user's home directory.
+syntax to refer to a user's home directory or one of the following
+escape characters:
+.Ql %d
+(local user's home directory),
+.Ql %u
+(local user name),
+.Ql %l
+(local host name),
+.Ql %h
+(remote host name) or
+.Ql %h
+(remote user name).
+.Pp
It is possible to have
multiple identity files specified in configuration files; all these
identities will be tried in sequence.