https://bugzilla.mindrot.org/show_bug.cgi?id=3552
Bug ID: 3552 Summary: ssh_config option RevokedHostKeys doesn't do tilde expansion on the filename Product: Portable OpenSSH Version: 9.0p1 Hardware: All OS: All Status: NEW Severity: enhancement Priority: P5 Component: ssh Assignee: unassigned-b...@mindrot.org Reporter: dan...@spatof.org Thanks to GitHub's private key leak I got to use the RevokedHostKeys setting in ssh_config, and I realized it doesn't do tilde expansion on the filename. Specifically, this doesn't work and gives a "No such file or directory" error: RevokedHostKeys ~/.ssh/revoked_host_keys but this does work: RevokedHostKeys /Users/my_user/.ssh/revoked_host_keys This was tested on OpenSSH 9.0p1 on macOS 13.2.1; I can't test on the latest OpenSSH, but I did a quick search on the OpenSSH code on GitHub and I think this bug is still present. The IdentityFile option do tilde expansion: https://github.com/openbsd/src/blob/fba4865f1dbe0cc6c4725437366d812456e9331d/usr.bin/ssh/ssh.c#L2265 The RevokedHostKeys option does not: https://github.com/openbsd/src/blob/fba4865f1dbe0cc6c4725437366d812456e9331d/usr.bin/ssh/authfile.c#L385 Slightly related, the ssh_config man page doesn't specify that the plain text version of the RevokedHostKeys file can contain comments. -- You are receiving this mail because: You are watching the assignee of the bug. _______________________________________________ openssh-bugs mailing list openssh-bugs@mindrot.org https://lists.mindrot.org/mailman/listinfo/openssh-bugs