Important bug fix for OpenSsh cme config editor

The new release of Config::Model::OpenSsh fixes a bugs that impacted experienced users: the order of Hosts or Match sections is now preserved when writing back ~/.ssh/config file.

Why does this matter ?

Well, the beginning of ssh_config man page mentions that “For each parameter, the first obtained value will be used.” and “Since the first obtained value for each parameter is used, more host-specific declarations should be given near the beginning of the file, and general defaults at the end.“.

Looks like I missed these statements when I designed the model for OpenSsh configuration: the Host section was written back in a neat, but wrong, alphabetical order.

This does not matter except when there an overlap between the specifications of the Host (or Match) sections like in the example below:

Host foo.company.com
Port 22

Host *.company.com
Port 10022

With this example, ssh connection to “foo.company.com” is done using port 22 and connection to “bar.company.com” with port 10022.

If the Host sections are written back in reverse order:

Host *.company.com
Port 10022

Host foo.company.com
Port 22

Then, ssh would be happy to use the first matching section for “foo.company.com“, i.e. “*.company.com” and would use the wrong port (10022)

This is now fixed with Config::Model::OpenSsh 2.8.4.3 which is available on cpan and in Debian/experimental.

While I was at it, I’ve also updated Managing OpenSsh configuration with cme wiki page.

All the best