Bug#743972: openssh-client: ssh reprocesses configuration files even when CanonicalizeHostname is not set

To: Debian Bug Tracking System <submit@bugs.debian.org>
Subject: Bug#743972: openssh-client: ssh reprocesses configuration files even when CanonicalizeHostname is not set
From: Uwe Storbeck <uwe@ibr.ch>
Date: Tue, 08 Apr 2014 22:59:48 +0200
Message-id: <[🔎] 20140408205948.29559.35192.reportbug@grappa.ibr.ch>
Reply-to: Uwe Storbeck <uwe@ibr.ch>, 743972@bugs.debian.org

Package: openssh-client
Version: 1:6.6p1-2
Severity: normal

Dear Maintainer,

I have an ssh configuration which allows me to easily access
local hosts (which are reachable directly) and remote hosts
(which are only reachable through a HTTP proxy). The
configuration file (simplified) looks like this:

  Host a
    Hostname 172.18.1.1
  Host b
    Hostname 172.18.1.2
  [..]
  Host *.*
    ProxyCommand nc -X connect -x gateway:8080 %h %p

The upgrade of openssh-client from version 1:6.5p1-6 to 1:6.6p1-2
breaks this configuration. ssh now reprocesses the config file
with the substituted host name even when I explicitly set
CanonicalizeHostname to no. Thus the "Host *.*" pattern matches
always and ssh tries to reach all hosts through the proxy.

CanonicalizeHostname is the only option I have found which should
trigger the reprocessing of the config file. And there seems to
be no other option to explicitly disable this behavior.

Uwe


ssh log with config file:

  Host *
    CanonicalizeHostname no
  Host a
    Hostname 172.18.1.1
  Host *.*
    ProxyCommand nc -X connect -x gateway:8080 %h %p

$ ssh -v a
OpenSSH_6.6, OpenSSL 1.0.1g 7 Apr 2014
debug1: Reading configuration data /home/uwe/.ssh/config
debug1: /home/uwe/.ssh/config line 1: Applying options for *
debug1: /home/uwe/.ssh/config line 3: Applying options for a
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: /etc/ssh/ssh_config line 19: Applying options for *
debug1: Hostname has changed; re-reading configuration
debug1: Reading configuration data /home/uwe/.ssh/config
debug1: /home/uwe/.ssh/config line 1: Applying options for *
debug1: /home/uwe/.ssh/config line 5: Applying options for *.*
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: /etc/ssh/ssh_config line 19: Applying options for *
debug1: Executing proxy command: exec nc -X connect -x gateway:8080 172.18.1.1 22
[..]
nc: Proxy error: "HTTP/1.0 504 Gateway Time-out"
ssh_exchange_identification: Connection closed by remote host


-- System Information:
Debian Release: jessie/sid
  APT prefers testing
  APT policy: (750, 'testing'), (650, 'unstable'), (1, 'experimental')
Architecture: i386 (x86_64)

Kernel: Linux 3.9-1-amd64 (SMP w/2 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash

Versions of packages openssh-client depends on:
ii  adduser           3.113+nmu3
ii  dpkg              1.17.6
ii  libc6             2.18-4
ii  libedit2          3.1-20140213-1
ii  libgssapi-krb5-2  1.12.1+dfsg-1
ii  libselinux1       2.2.2-1
ii  libssl1.0.0       1.0.1g-1
ii  passwd            1:4.1.5.1-1.1
ii  zlib1g            1:1.2.8.dfsg-1

Versions of packages openssh-client recommends:
ii  xauth  1:1.0.7-1

Versions of packages openssh-client suggests:
pn  keychain      <none>
pn  libpam-ssh    <none>
pn  monkeysphere  <none>
ii  ssh-askpass   1:1.2.4.1-9

-- no debconf information

Reply to:

Prev by Date: Bug#743951: marked as done (openssh-client: upgrading from 1:6.0p1-4 to 1:6.0p1-4+deb7u1 fails in configure phase with error in update-alternatives)
Next by Date: Accepted openssh 1:6.6p1-3 (source i386 all)
Previous by thread: Bug#743951: Full apt-get dist-upgrade output
Next by thread: Accepted openssh 1:6.6p1-3 (source i386 all)
Index(es):
- Date
- Thread