From: James
To: "Michael Grant"
Date: Wed, 31 Oct 2007 08:52:51 -0600
Cc: FreeBSD Questions
Subject: Re: ssh

On 10/31/07, Michael Grant wrote:
>
> On 10/31/07, James wrote:
> >
> > On 10/31/07, Michael Grant wrote:
> > > On 10/31/07, James wrote:
> > > >
> > > > On 10/31/07, Michael Grant wrote:
> > > > >
> > > > > If I'm sued as root and I ssh somewhere, ssh/scp reads its files from
> > > > > /root/.ssh/. The docs say it reads from ~/.ssh which is what I want,
> > > > > but it's not doing that. When sued, the shell is properly expanding ~
> > > > > to my home dir.
> > > > >
> > > > > Anyone know of a way around this behavior?
> > > > >
> > > > > Michael Grant
> > > >
> > > > su - root
> > >
> > > Nope. One other suggestion was 'su -l root'. This does not change
> > > the situation either.
> > >
> > > I went into the source for ssh and it does a getuid() and then gets
> > > the homedir of that uid. So no amount of fooling with su is going to
> > > fix this. I guess it's like this for security reasons, it sure seems
> > > like a bug to me. I'd have used the HOME environment variable.
> > >
> > > So far, the best fix I've found is to create some aliases in bash as follows:
> > >
> > > alias scp="scp -o User=username -i ~/.ssh/id_rsa"
> > > alias ssh="ssh -l username -i ~/.ssh/id_rsa"
> > > alias rsync="rsync -op -e 'ssh -l username -i /home/username/.ssh/id_rsa'"
> >
> > Yeah, I misread your problem. Are you saying that you want to su to root,
> > but still have some variables set as they were on the account you sued from?
> > So you have a user named Michael, say, and you su to root, but when you ssh
> > you want Michael's .ssh to be the effective one?
>
> Well sort of. When I su, $HOME is set to my homedir and $USER set to
> mgrant. This is fine. However, ssh (when sued) doesn't read
> $HOME/.ssh, it reads /root/.ssh. And it's not defaulting to logging
> into the remote machine as $USER, it tries to log in as root. It does
> this because it's hardwired in the code more or less as follows (I've
> extracted the relevant code from ssh.c):
>
>   original_real_uid = getuid();
>   pw = getpwuid(original_real_uid);
>   sprintf(buf, "%s/%s", pw->pw_dir, "ssh-config");
>   read_config_file(buf);
>   options.user = strdup(pw->pw_name);
>
> Like I said, it seems like a bug to me. Personally I would have done
> a getenv("HOME") and getenv("USER") myself instead of depending on the
> userid. Probably they had good reason for doing it the way they did
> it.
>
> So I think the problem is unsolvable using options to su. Only
> solution I found so far was the aliases above.
>
> Michael Grant
>

You could just pop your code in there and compile it as you want it. Maybe
submit it back to openssh as a bugfix.
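
Added example (not part of the original message, and not OpenSSH code): a small C program that performs the lookup the quoted ssh.c excerpt describes, resolving the real uid through the password database, and compares the result with $HOME, which is whatever the calling process chose to export. The names home_from_passwd and check_home_env are made up for this illustration.

```c
#define _POSIX_C_SOURCE 200809L
#include <pwd.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/types.h>
#include <unistd.h>

enum home_check { HOME_MATCH, HOME_MISMATCH, HOME_NO_ENTRY };

/* Look up the home directory for uid in the password database, the same
 * source the quoted ssh.c excerpt uses. Returns 0 on success, -1 if the
 * uid has no entry or out is too small. */
int home_from_passwd(uid_t uid, char *out, size_t outlen)
{
    struct passwd pw, *res = NULL;
    char scratch[4096];

    if (getpwuid_r(uid, &pw, scratch, sizeof scratch, &res) != 0 || res == NULL)
        return -1;
    if (strlen(pw.pw_dir) >= outlen)
        return -1;
    strcpy(out, pw.pw_dir);
    return 0;
}

/* Compare the caller-supplied $HOME with the password-database answer.
 * $HOME is only a hint: any parent process can set it to anything. */
enum home_check check_home_env(uid_t uid)
{
    char trusted[1024];
    const char *env = getenv("HOME");

    if (home_from_passwd(uid, trusted, sizeof trusted) != 0)
        return HOME_NO_ENTRY;
    return (env != NULL && strcmp(env, trusted) == 0) ? HOME_MATCH : HOME_MISMATCH;
}

int main(void)
{
    static const char *label[] = { "match", "MISMATCH", "no passwd entry" };
    char home[1024];

    if (home_from_passwd(getuid(), home, sizeof home) == 0)
        printf("passwd home for uid %lu: %s\n", (unsigned long)getuid(), home);
    printf("$HOME: %s\n", getenv("HOME") ? getenv("HOME") : "(unset)");
    printf("result: %s\n", label[check_home_env(getuid())]);
    return 0;
}
```

In a shell where $HOME still points at the original user's directory after su, the program reports MISMATCH: the uid-based lookup returns root's directory regardless of what the environment says.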