Bug#573316: request for new UnSendEnv directive (or change SendEnv)
Package: openssh-client
Version: 1:5.3p1-3
Severity: wishlist
The SendEnv directive is particular in the fact that it cannot be
overriden, and the feature is documented. Indeed the ssh_config(5)
man page says:
SendEnv
Specifies what variables from the local environ(7)
should be sent to the server. Note that environ-
ment passing is only supported for protocol 2.
The server must also support it, and the server
must be configured to accept these environment
variables. Refer to AcceptEnv in sshd_config(5)
for how to configure the server. Variables are
specified by name, which may contain wildcard
characters. Multiple environment variables may be
separated by whitespace or spread across multiple
^^^^^^^^^^^^^^^^^^^^^^
SendEnv directives. The default is not to send
^^^^^^^^^^^^^^^^^^
any environment variables.
This makes difficult to cancel environment variable passing. For
instance, Debian has "SendEnv LANG LC_*" in its /etc/ssh/ssh_config
and the only way for a user to disable that is to use the -F option
with his own config file. Moreover it is not possible to specify
a SendEnv directive *except* for some host(s) (note that negated
patterns work on pattern-lists only, not on Host).
A solution would be an UnSendEnv directive. An environment variable
would be sent to the server only if it is specified by SendEnv but
not by UnSendEnv.
Alternativement, SendEnv could be changed to behave like the other
directives: only the first one would be taken into account. But this
could break existing config files.
-- System Information:
Debian Release: squeeze/sid
APT prefers unstable
APT policy: (500, 'unstable'), (500, 'stable'), (1, 'experimental')
Architecture: amd64 (x86_64)
Kernel: Linux 2.6.31-1-amd64 (SMP w/2 CPU cores)
Locale: LANG=POSIX, LC_CTYPE=en_US.ISO8859-1 (charmap=ISO-8859-1)
Shell: /bin/sh linked to /bin/dash
Versions of packages openssh-client depends on:
ii adduser 3.112 add and remove users and groups
ii debconf [debconf-2.0] 1.5.28 Debian configuration management sy
ii dpkg 1.15.5.6 Debian package management system
ii libc6 2.10.2-6 Embedded GNU C Library: Shared lib
ii libedit2 2.11-20080614-1 BSD editline and history libraries
ii libgssapi-krb5-2 1.8+dfsg~alpha1-7 MIT Kerberos runtime libraries - k
ii libssl0.9.8 0.9.8m-2 SSL shared libraries
ii passwd 1:4.1.4.2-1 change and administer password and
ii zlib1g 1:1.2.3.4.dfsg-3 compression library - runtime
Versions of packages openssh-client recommends:
ii openssh-blacklist 0.4.1 list of default blacklisted OpenSS
ii openssh-blacklist-extra 0.4.1 list of non-default blacklisted Op
ii xauth 1:1.0.4-1 X authentication utility
Versions of packages openssh-client suggests:
pn keychain <none> (no description available)
pn libpam-ssh <none> (no description available)
pn ssh-askpass <none> (no description available)
-- no debconf information
Reply to: