On 17/04/15 19:58, Mikael Nordfeldth wrote:
So it boils down to the -i parsing with a percent sign (which doesn't
expand) it seems. Anyone else experiencing this or can reproduce it?
Yes, openssh doesn't like a % in the -i parameter:
- If you provide a %, inside load_public_identity_files it attempts to
treat it
as an expand sequence, and thus fails.
- If you provide a %% (which expands to a single %), then the stat(2) done
before add_identity_file() makes it to fail, and such path doesn't even
reach load_public_identity_files.
As a workaround, you can provide the key file with the -o option:
ssh -o IdentityFile=/srv/www/example.com/%%/.ssh/id_rsa user@xxxxxxxxxxx
The following patch makes ssh to ignore the stat failure if the -i argument
contains a % character:
diff --git a/ssh.c b/ssh.c
index 0ad82f0..e0c574f 100644
--- a/ssh.c
+++ b/ssh.c
@@ -705,7 +705,7 @@ main(int ac, char **av)
options.gss_deleg_creds = 1;
break;
case 'i':
- if (stat(optarg, &st) < 0) {
+ if (stat(optarg, &st) < 0 && strchr(optarg, '%')
== NULL) {
fprintf(stderr, "Warning: Identity file
%s "
"not accessible: %s.\n", optarg,
strerror(errno));
_______________________________________________
openssh-unix-dev mailing list
openssh-unix-dev@xxxxxxxxxxx
https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev