Does OpenSSH >=7.2 support local-side tilde expansion for remote Unix socket forwarding

The name of the pictureThe name of the pictureThe name of the pictureClash Royale CLAN TAG#URR8PPP











up vote
1
down vote

favorite












I am trying to forward a gpg-agent Unix socket to a remote machine. I have tried the following two versions of the remote forwarding command:



  • A: ssh -vvv -N -R ~/.gnupg/S.gpg-agent:~/.gnupg/S.gpg-agent.extra HOST

  • B: ssh -vvv -N -R ~/.gnupg/S.gpg-agent:/home/USER/.gnupg/S.gpg-agent.extra HOST

They both report successful remote forwarding after initial ssh connection. However, option A's socket fails with debug1: connect_next: host ~/.gnupg/S.gpg-agent.extra ([unix]:~/.gnupg/S.gpg-agent.extra): No such file or directory when an actual data connection is attempted on the remote machine with gpg-connect-agent /bye while option B's socket works fine.



I want to know whether it is possible to do local home directory expansion with ssh remote forwarding command. If not, why?










share|improve this question

























    up vote
    1
    down vote

    favorite












    I am trying to forward a gpg-agent Unix socket to a remote machine. I have tried the following two versions of the remote forwarding command:



    • A: ssh -vvv -N -R ~/.gnupg/S.gpg-agent:~/.gnupg/S.gpg-agent.extra HOST

    • B: ssh -vvv -N -R ~/.gnupg/S.gpg-agent:/home/USER/.gnupg/S.gpg-agent.extra HOST

    They both report successful remote forwarding after initial ssh connection. However, option A's socket fails with debug1: connect_next: host ~/.gnupg/S.gpg-agent.extra ([unix]:~/.gnupg/S.gpg-agent.extra): No such file or directory when an actual data connection is attempted on the remote machine with gpg-connect-agent /bye while option B's socket works fine.



    I want to know whether it is possible to do local home directory expansion with ssh remote forwarding command. If not, why?










    share|improve this question























      up vote
      1
      down vote

      favorite









      up vote
      1
      down vote

      favorite











      I am trying to forward a gpg-agent Unix socket to a remote machine. I have tried the following two versions of the remote forwarding command:



      • A: ssh -vvv -N -R ~/.gnupg/S.gpg-agent:~/.gnupg/S.gpg-agent.extra HOST

      • B: ssh -vvv -N -R ~/.gnupg/S.gpg-agent:/home/USER/.gnupg/S.gpg-agent.extra HOST

      They both report successful remote forwarding after initial ssh connection. However, option A's socket fails with debug1: connect_next: host ~/.gnupg/S.gpg-agent.extra ([unix]:~/.gnupg/S.gpg-agent.extra): No such file or directory when an actual data connection is attempted on the remote machine with gpg-connect-agent /bye while option B's socket works fine.



      I want to know whether it is possible to do local home directory expansion with ssh remote forwarding command. If not, why?










      share|improve this question













      I am trying to forward a gpg-agent Unix socket to a remote machine. I have tried the following two versions of the remote forwarding command:



      • A: ssh -vvv -N -R ~/.gnupg/S.gpg-agent:~/.gnupg/S.gpg-agent.extra HOST

      • B: ssh -vvv -N -R ~/.gnupg/S.gpg-agent:/home/USER/.gnupg/S.gpg-agent.extra HOST

      They both report successful remote forwarding after initial ssh connection. However, option A's socket fails with debug1: connect_next: host ~/.gnupg/S.gpg-agent.extra ([unix]:~/.gnupg/S.gpg-agent.extra): No such file or directory when an actual data connection is attempted on the remote machine with gpg-connect-agent /bye while option B's socket works fine.



      I want to know whether it is possible to do local home directory expansion with ssh remote forwarding command. If not, why?







      ssh openssh forwarding unix-sockets






      share|improve this question













      share|improve this question











      share|improve this question




      share|improve this question










      asked Aug 7 at 6:34









      Tanachat

      1185




      1185




















          2 Answers
          2






          active

          oldest

          votes

















          up vote
          2
          down vote



          accepted










          The ~ must be expanded by some program. Usually this program is the shell. The sshd daemon doesn't feed the path to a shell and doesn't expand the path.



          But you don't need an expansion for the current users home directory as it is the working directory anyway.



          Try



          ssh -vvv -N -R ~/.gnupg/S.gpg-agent:$HOME/.gnupg/S.gpg-agent.extra HOST


          Edit:



          This works because the working directory on the host (not on the client) is always the home directory of the target user.



          The ssh server doesn't expand ~ of environment variables, but it should be possible to execute code on the host to create a link or symlink to a known location that can be used by the ssh server.



          Edited as suggested by Kusalananda






          share|improve this answer






















          • This works if I start ssh session when working dir is home dir. Do you know of a way to make this work for any dir?
            – Tanachat
            Aug 8 at 21:25










          • I added a suggestion.
            – RalfFriedl
            Aug 9 at 5:36










          • The left-hand-side is the remote part, so you need to remove ~/ from there and add it to the right-hand-side.
            – Kusalananda
            Aug 9 at 6:43










          • ssh -vvv -N -R .gnupg/S.gpg-agent:$HOME/.gnupg/S.gpg-agent.extra HOST fails, but ssh -vvv -N -R ~/.gnupg/S.gpg-agent:$HOME/.gnupg/S.gpg-agent.extra HOST works. The ~ for the remote path seems significant.
            – Tanachat
            Aug 9 at 21:43










          • Edit your answer with ssh -vvv -N -R ~/.gnupg/S.gpg-agent:$HOME/.gnupg/S.gpg-agent.extra HOST and I'll accept it.
            – Tanachat
            Aug 9 at 21:45

















          up vote
          1
          down vote













          The comment doesn't support newlines, so I had to put these here:




          • ssh -vvv -N -R ~/.gnupg/S.gpg-agent:$HOME/.gnupg/S.gpg-agent.extra HOST works


          • ssh -vvv -N -R $HOME/.gnupg/S.gpg-agent:$HOME/.gnupg/S.gpg-agent.extra HOST works


          • ssh -vvv -N -R ~/.gnupg/S.gpg-agent:~/.gnupg/S.gpg-agent.extra HOST does NOT work


          • ssh -vvv -N -R $HOME/.gnupg/S.gpg-agent:~/.gnupg/S.gpg-agent.extra HOST does NOT work

          As @RalfFriedl explained in his comment (copied here verbatim), "The $HOME is replaced by the client shell. This only works if $HOME on the client and $HOME on the server are the same. The ~/ is only expanded at the start of a word, not inside. So ~/XX is $HOME/XX, but XX:~/ is just XX:~/"



          For those of you who want to automate this with the RemoteForward keyword in your ssh config file, note that there is no variable expansion there, so you need to use absolute paths. Your best bet is to create a symlink to a known location and use that path for the ssh config file. I'm using the same config file across multiple platform (Ubuntu, Fedora, MacOS, ...), so that's what I'll have to do.






          share|improve this answer




















            Your Answer







            StackExchange.ready(function()
            var channelOptions =
            tags: "".split(" "),
            id: "106"
            ;
            initTagRenderer("".split(" "), "".split(" "), channelOptions);

            StackExchange.using("externalEditor", function()
            // Have to fire editor after snippets, if snippets enabled
            if (StackExchange.settings.snippets.snippetsEnabled)
            StackExchange.using("snippets", function()
            createEditor();
            );

            else
            createEditor();

            );

            function createEditor()
            StackExchange.prepareEditor(
            heartbeatType: 'answer',
            convertImagesToLinks: false,
            noModals: false,
            showLowRepImageUploadWarning: true,
            reputationToPostImages: null,
            bindNavPrevention: true,
            postfix: "",
            onDemand: true,
            discardSelector: ".discard-answer"
            ,immediatelyShowMarkdownHelp:true
            );



            );













             

            draft saved


            draft discarded


















            StackExchange.ready(
            function ()
            StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2funix.stackexchange.com%2fquestions%2f460963%2fdoes-openssh-7-2-support-local-side-tilde-expansion-for-remote-unix-socket-for%23new-answer', 'question_page');

            );

            Post as a guest






























            2 Answers
            2






            active

            oldest

            votes








            2 Answers
            2






            active

            oldest

            votes









            active

            oldest

            votes






            active

            oldest

            votes








            up vote
            2
            down vote



            accepted










            The ~ must be expanded by some program. Usually this program is the shell. The sshd daemon doesn't feed the path to a shell and doesn't expand the path.



            But you don't need an expansion for the current users home directory as it is the working directory anyway.



            Try



            ssh -vvv -N -R ~/.gnupg/S.gpg-agent:$HOME/.gnupg/S.gpg-agent.extra HOST


            Edit:



            This works because the working directory on the host (not on the client) is always the home directory of the target user.



            The ssh server doesn't expand ~ of environment variables, but it should be possible to execute code on the host to create a link or symlink to a known location that can be used by the ssh server.



            Edited as suggested by Kusalananda






            share|improve this answer






















            • This works if I start ssh session when working dir is home dir. Do you know of a way to make this work for any dir?
              – Tanachat
              Aug 8 at 21:25










            • I added a suggestion.
              – RalfFriedl
              Aug 9 at 5:36










            • The left-hand-side is the remote part, so you need to remove ~/ from there and add it to the right-hand-side.
              – Kusalananda
              Aug 9 at 6:43










            • ssh -vvv -N -R .gnupg/S.gpg-agent:$HOME/.gnupg/S.gpg-agent.extra HOST fails, but ssh -vvv -N -R ~/.gnupg/S.gpg-agent:$HOME/.gnupg/S.gpg-agent.extra HOST works. The ~ for the remote path seems significant.
              – Tanachat
              Aug 9 at 21:43










            • Edit your answer with ssh -vvv -N -R ~/.gnupg/S.gpg-agent:$HOME/.gnupg/S.gpg-agent.extra HOST and I'll accept it.
              – Tanachat
              Aug 9 at 21:45














            up vote
            2
            down vote



            accepted










            The ~ must be expanded by some program. Usually this program is the shell. The sshd daemon doesn't feed the path to a shell and doesn't expand the path.



            But you don't need an expansion for the current users home directory as it is the working directory anyway.



            Try



            ssh -vvv -N -R ~/.gnupg/S.gpg-agent:$HOME/.gnupg/S.gpg-agent.extra HOST


            Edit:



            This works because the working directory on the host (not on the client) is always the home directory of the target user.



            The ssh server doesn't expand ~ of environment variables, but it should be possible to execute code on the host to create a link or symlink to a known location that can be used by the ssh server.



            Edited as suggested by Kusalananda






            share|improve this answer






















            • This works if I start ssh session when working dir is home dir. Do you know of a way to make this work for any dir?
              – Tanachat
              Aug 8 at 21:25










            • I added a suggestion.
              – RalfFriedl
              Aug 9 at 5:36










            • The left-hand-side is the remote part, so you need to remove ~/ from there and add it to the right-hand-side.
              – Kusalananda
              Aug 9 at 6:43










            • ssh -vvv -N -R .gnupg/S.gpg-agent:$HOME/.gnupg/S.gpg-agent.extra HOST fails, but ssh -vvv -N -R ~/.gnupg/S.gpg-agent:$HOME/.gnupg/S.gpg-agent.extra HOST works. The ~ for the remote path seems significant.
              – Tanachat
              Aug 9 at 21:43










            • Edit your answer with ssh -vvv -N -R ~/.gnupg/S.gpg-agent:$HOME/.gnupg/S.gpg-agent.extra HOST and I'll accept it.
              – Tanachat
              Aug 9 at 21:45












            up vote
            2
            down vote



            accepted







            up vote
            2
            down vote



            accepted






            The ~ must be expanded by some program. Usually this program is the shell. The sshd daemon doesn't feed the path to a shell and doesn't expand the path.



            But you don't need an expansion for the current users home directory as it is the working directory anyway.



            Try



            ssh -vvv -N -R ~/.gnupg/S.gpg-agent:$HOME/.gnupg/S.gpg-agent.extra HOST


            Edit:



            This works because the working directory on the host (not on the client) is always the home directory of the target user.



            The ssh server doesn't expand ~ of environment variables, but it should be possible to execute code on the host to create a link or symlink to a known location that can be used by the ssh server.



            Edited as suggested by Kusalananda






            share|improve this answer














            The ~ must be expanded by some program. Usually this program is the shell. The sshd daemon doesn't feed the path to a shell and doesn't expand the path.



            But you don't need an expansion for the current users home directory as it is the working directory anyway.



            Try



            ssh -vvv -N -R ~/.gnupg/S.gpg-agent:$HOME/.gnupg/S.gpg-agent.extra HOST


            Edit:



            This works because the working directory on the host (not on the client) is always the home directory of the target user.



            The ssh server doesn't expand ~ of environment variables, but it should be possible to execute code on the host to create a link or symlink to a known location that can be used by the ssh server.



            Edited as suggested by Kusalananda







            share|improve this answer














            share|improve this answer



            share|improve this answer








            edited Aug 9 at 21:59

























            answered Aug 7 at 6:44









            RalfFriedl

            3,5601522




            3,5601522











            • This works if I start ssh session when working dir is home dir. Do you know of a way to make this work for any dir?
              – Tanachat
              Aug 8 at 21:25










            • I added a suggestion.
              – RalfFriedl
              Aug 9 at 5:36










            • The left-hand-side is the remote part, so you need to remove ~/ from there and add it to the right-hand-side.
              – Kusalananda
              Aug 9 at 6:43










            • ssh -vvv -N -R .gnupg/S.gpg-agent:$HOME/.gnupg/S.gpg-agent.extra HOST fails, but ssh -vvv -N -R ~/.gnupg/S.gpg-agent:$HOME/.gnupg/S.gpg-agent.extra HOST works. The ~ for the remote path seems significant.
              – Tanachat
              Aug 9 at 21:43










            • Edit your answer with ssh -vvv -N -R ~/.gnupg/S.gpg-agent:$HOME/.gnupg/S.gpg-agent.extra HOST and I'll accept it.
              – Tanachat
              Aug 9 at 21:45
















            • This works if I start ssh session when working dir is home dir. Do you know of a way to make this work for any dir?
              – Tanachat
              Aug 8 at 21:25










            • I added a suggestion.
              – RalfFriedl
              Aug 9 at 5:36










            • The left-hand-side is the remote part, so you need to remove ~/ from there and add it to the right-hand-side.
              – Kusalananda
              Aug 9 at 6:43










            • ssh -vvv -N -R .gnupg/S.gpg-agent:$HOME/.gnupg/S.gpg-agent.extra HOST fails, but ssh -vvv -N -R ~/.gnupg/S.gpg-agent:$HOME/.gnupg/S.gpg-agent.extra HOST works. The ~ for the remote path seems significant.
              – Tanachat
              Aug 9 at 21:43










            • Edit your answer with ssh -vvv -N -R ~/.gnupg/S.gpg-agent:$HOME/.gnupg/S.gpg-agent.extra HOST and I'll accept it.
              – Tanachat
              Aug 9 at 21:45















            This works if I start ssh session when working dir is home dir. Do you know of a way to make this work for any dir?
            – Tanachat
            Aug 8 at 21:25




            This works if I start ssh session when working dir is home dir. Do you know of a way to make this work for any dir?
            – Tanachat
            Aug 8 at 21:25












            I added a suggestion.
            – RalfFriedl
            Aug 9 at 5:36




            I added a suggestion.
            – RalfFriedl
            Aug 9 at 5:36












            The left-hand-side is the remote part, so you need to remove ~/ from there and add it to the right-hand-side.
            – Kusalananda
            Aug 9 at 6:43




            The left-hand-side is the remote part, so you need to remove ~/ from there and add it to the right-hand-side.
            – Kusalananda
            Aug 9 at 6:43












            ssh -vvv -N -R .gnupg/S.gpg-agent:$HOME/.gnupg/S.gpg-agent.extra HOST fails, but ssh -vvv -N -R ~/.gnupg/S.gpg-agent:$HOME/.gnupg/S.gpg-agent.extra HOST works. The ~ for the remote path seems significant.
            – Tanachat
            Aug 9 at 21:43




            ssh -vvv -N -R .gnupg/S.gpg-agent:$HOME/.gnupg/S.gpg-agent.extra HOST fails, but ssh -vvv -N -R ~/.gnupg/S.gpg-agent:$HOME/.gnupg/S.gpg-agent.extra HOST works. The ~ for the remote path seems significant.
            – Tanachat
            Aug 9 at 21:43












            Edit your answer with ssh -vvv -N -R ~/.gnupg/S.gpg-agent:$HOME/.gnupg/S.gpg-agent.extra HOST and I'll accept it.
            – Tanachat
            Aug 9 at 21:45




            Edit your answer with ssh -vvv -N -R ~/.gnupg/S.gpg-agent:$HOME/.gnupg/S.gpg-agent.extra HOST and I'll accept it.
            – Tanachat
            Aug 9 at 21:45












            up vote
            1
            down vote













            The comment doesn't support newlines, so I had to put these here:




            • ssh -vvv -N -R ~/.gnupg/S.gpg-agent:$HOME/.gnupg/S.gpg-agent.extra HOST works


            • ssh -vvv -N -R $HOME/.gnupg/S.gpg-agent:$HOME/.gnupg/S.gpg-agent.extra HOST works


            • ssh -vvv -N -R ~/.gnupg/S.gpg-agent:~/.gnupg/S.gpg-agent.extra HOST does NOT work


            • ssh -vvv -N -R $HOME/.gnupg/S.gpg-agent:~/.gnupg/S.gpg-agent.extra HOST does NOT work

            As @RalfFriedl explained in his comment (copied here verbatim), "The $HOME is replaced by the client shell. This only works if $HOME on the client and $HOME on the server are the same. The ~/ is only expanded at the start of a word, not inside. So ~/XX is $HOME/XX, but XX:~/ is just XX:~/"



            For those of you who want to automate this with the RemoteForward keyword in your ssh config file, note that there is no variable expansion there, so you need to use absolute paths. Your best bet is to create a symlink to a known location and use that path for the ssh config file. I'm using the same config file across multiple platform (Ubuntu, Fedora, MacOS, ...), so that's what I'll have to do.






            share|improve this answer
























              up vote
              1
              down vote













              The comment doesn't support newlines, so I had to put these here:




              • ssh -vvv -N -R ~/.gnupg/S.gpg-agent:$HOME/.gnupg/S.gpg-agent.extra HOST works


              • ssh -vvv -N -R $HOME/.gnupg/S.gpg-agent:$HOME/.gnupg/S.gpg-agent.extra HOST works


              • ssh -vvv -N -R ~/.gnupg/S.gpg-agent:~/.gnupg/S.gpg-agent.extra HOST does NOT work


              • ssh -vvv -N -R $HOME/.gnupg/S.gpg-agent:~/.gnupg/S.gpg-agent.extra HOST does NOT work

              As @RalfFriedl explained in his comment (copied here verbatim), "The $HOME is replaced by the client shell. This only works if $HOME on the client and $HOME on the server are the same. The ~/ is only expanded at the start of a word, not inside. So ~/XX is $HOME/XX, but XX:~/ is just XX:~/"



              For those of you who want to automate this with the RemoteForward keyword in your ssh config file, note that there is no variable expansion there, so you need to use absolute paths. Your best bet is to create a symlink to a known location and use that path for the ssh config file. I'm using the same config file across multiple platform (Ubuntu, Fedora, MacOS, ...), so that's what I'll have to do.






              share|improve this answer






















                up vote
                1
                down vote










                up vote
                1
                down vote









                The comment doesn't support newlines, so I had to put these here:




                • ssh -vvv -N -R ~/.gnupg/S.gpg-agent:$HOME/.gnupg/S.gpg-agent.extra HOST works


                • ssh -vvv -N -R $HOME/.gnupg/S.gpg-agent:$HOME/.gnupg/S.gpg-agent.extra HOST works


                • ssh -vvv -N -R ~/.gnupg/S.gpg-agent:~/.gnupg/S.gpg-agent.extra HOST does NOT work


                • ssh -vvv -N -R $HOME/.gnupg/S.gpg-agent:~/.gnupg/S.gpg-agent.extra HOST does NOT work

                As @RalfFriedl explained in his comment (copied here verbatim), "The $HOME is replaced by the client shell. This only works if $HOME on the client and $HOME on the server are the same. The ~/ is only expanded at the start of a word, not inside. So ~/XX is $HOME/XX, but XX:~/ is just XX:~/"



                For those of you who want to automate this with the RemoteForward keyword in your ssh config file, note that there is no variable expansion there, so you need to use absolute paths. Your best bet is to create a symlink to a known location and use that path for the ssh config file. I'm using the same config file across multiple platform (Ubuntu, Fedora, MacOS, ...), so that's what I'll have to do.






                share|improve this answer












                The comment doesn't support newlines, so I had to put these here:




                • ssh -vvv -N -R ~/.gnupg/S.gpg-agent:$HOME/.gnupg/S.gpg-agent.extra HOST works


                • ssh -vvv -N -R $HOME/.gnupg/S.gpg-agent:$HOME/.gnupg/S.gpg-agent.extra HOST works


                • ssh -vvv -N -R ~/.gnupg/S.gpg-agent:~/.gnupg/S.gpg-agent.extra HOST does NOT work


                • ssh -vvv -N -R $HOME/.gnupg/S.gpg-agent:~/.gnupg/S.gpg-agent.extra HOST does NOT work

                As @RalfFriedl explained in his comment (copied here verbatim), "The $HOME is replaced by the client shell. This only works if $HOME on the client and $HOME on the server are the same. The ~/ is only expanded at the start of a word, not inside. So ~/XX is $HOME/XX, but XX:~/ is just XX:~/"



                For those of you who want to automate this with the RemoteForward keyword in your ssh config file, note that there is no variable expansion there, so you need to use absolute paths. Your best bet is to create a symlink to a known location and use that path for the ssh config file. I'm using the same config file across multiple platform (Ubuntu, Fedora, MacOS, ...), so that's what I'll have to do.







                share|improve this answer












                share|improve this answer



                share|improve this answer










                answered Aug 9 at 22:12









                Tanachat

                1185




                1185



























                     

                    draft saved


                    draft discarded















































                     


                    draft saved


                    draft discarded














                    StackExchange.ready(
                    function ()
                    StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2funix.stackexchange.com%2fquestions%2f460963%2fdoes-openssh-7-2-support-local-side-tilde-expansion-for-remote-unix-socket-for%23new-answer', 'question_page');

                    );

                    Post as a guest













































































                    Popular posts from this blog

                    How to check contact read email or not when send email to Individual?

                    Displaying single band from multi-band raster using QGIS

                    How many registers does an x86_64 CPU actually have?