On Sat, Feb 28, 2009 at 03:13:06PM +1300, Morgan Read wrote:
> So
> Which environment variable does ssh use to determine where it looks for
> its keys?  I assumed it would be HOME, but under sudo HOME is set to
> the home directory of the user executing sudo not root's home.

I happen to have 4.4p1 source lying about, so:

pathnames.h:#define _PATH_SSH_CLIENT_ID_RSA ".ssh/id_rsa"

readconf.c:
        if (options->protocol & SSH_PROTO_2) {
                len = 2 + strlen(_PATH_SSH_CLIENT_ID_RSA) + 1;
                options->identity_files[options->num_identity_files] =
                    xmalloc(len);
                snprintf(options->identity_files[options->num_identity_files++],
                    len, "~/%.100s", _PATH_SSH_CLIENT_ID_RSA);

                len = 2 + strlen(_PATH_SSH_CLIENT_ID_DSA) + 1;
                options->identity_files[options->num_identity_files] =
                    xmalloc(len);
                snprintf(options->identity_files[options->num_identity_files++],
                    len, "~/%.100s", _PATH_SSH_CLIENT_ID_DSA);
        }

So, at this point there's a string that contains "~/.ssh/id_rsa".

ssh.c:
        if ((pw = getpwuid(original_real_uid)) == NULL)
                fatal("load_public_identity_files: getpwuid failed");
        if (gethostname(thishost, sizeof(thishost)) == -1)
                fatal("load_public_identity_files: gethostname: %s",
                    strerror(errno));
        for (; i < options.num_identity_files; i++) {
                cp = tilde_expand_filename(options.identity_files[i],
                    original_real_uid);

where original_real_uid is set somewhere earlier in ssh.c.

I won't try to track it down any further (especially since I'm looking
at out-of-date sources), but it sure looks like it's evaluating the
home directory based on the current uid or euid, rather than the
contents of $HOME.
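
The two lookups the message contrasts, as an added example that is not part of the original message and is not OpenSSH code: one expansion of "~/.ssh/id_rsa" keyed on a uid through getpwuid(), one keyed on $HOME. The function names and the HOME value are hypothetical and constructed for the illustration.

```c
#include <pwd.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/types.h>
#include <unistd.h>

/* Join a home directory and the part of path after "~/" into out. */
static int join_home(const char *home, const char *path, char *out, size_t outlen)
{
    int n;

    if (home == NULL || strncmp(path, "~/", 2) != 0)
        return -1;                      /* nothing to expand, or no home known */
    n = snprintf(out, outlen, "%s/%s", home, path + 2);
    return (n < 0 || (size_t)n >= outlen) ? -1 : 0;   /* reject truncation */
}

/* Lookup keyed on a uid: the passwd database decides, $HOME is never read. */
int expand_tilde_by_uid(const char *path, uid_t uid, char *out, size_t outlen)
{
    struct passwd *pw = getpwuid(uid);

    return join_home(pw ? pw->pw_dir : NULL, path, out, outlen);
}

/* Lookup the question assumed: whatever $HOME currently holds. */
int expand_tilde_by_env(const char *path, char *out, size_t outlen)
{
    return join_home(getenv("HOME"), path, out, outlen);
}

int main(void)
{
    char by_env[1024], by_uid[1024];
    const char *id = "~/.ssh/id_rsa";

    /* Constructed value: a HOME that does not belong to the running uid. */
    setenv("HOME", "/constructed/caller-home", 1);

    if (expand_tilde_by_env(id, by_env, sizeof(by_env)) == 0)
        printf("via $HOME:    %s\n", by_env);
    if (expand_tilde_by_uid(id, getuid(), by_uid, sizeof(by_uid)) == 0)
        printf("via getpwuid: %s\n", by_uid);
    else
        printf("via getpwuid: no passwd entry for uid %ld\n", (long)getuid());
    return 0;
}
```

When the two printed paths differ, a program that resolves "~" by uid reads keys from the passwd home directory no matter what HOME has been set to in the environment.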