From be44e66e99ab89e7aee85ca46e8893d6635ba589 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=C3=96rjan=20Fors?= Date: Thu, 11 Jun 2026 13:11:37 +0200 Subject: [PATCH] cmd/tailscale: stop defaulting ssh username to local username (#19358) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Prevent tailscale ssh from automatically adding a username when connecting to a server, only forward one if provided. The previous behaviour prevented username overrides in the ssh configuration, since the provided username takes precedence to the configured one. This also keeps the tailscale ssh a thin wrapper around ssh by not adding any extra arguments unless required. Fixes #19357 Signed-off-by: Örjan Fors --- cmd/tailscale/cli/ssh.go | 13 ++++++------- 1 file changed, 6 insertions(+), 7 deletions(-) diff --git a/cmd/tailscale/cli/ssh.go b/cmd/tailscale/cli/ssh.go index 9efab8cf7..eb1ce37f8 100644 --- a/cmd/tailscale/cli/ssh.go +++ b/cmd/tailscale/cli/ssh.go @@ -11,7 +11,6 @@ "log" "net/netip" "os" - "os/user" "path/filepath" "runtime" "slices" @@ -59,11 +58,7 @@ func runSSH(ctx context.Context, args []string) error { username, host, ok := strings.Cut(arg, "@") if !ok { host = arg - lu, err := user.Current() - if err != nil { - return nil - } - username = lu.Username + username = "" } st, err := localClient.Status(ctx) @@ -146,7 +141,11 @@ func runSSH(ctx context.Context, args []string) error { // to use a different one, we'll later be making stock ssh // work well by default too. (doing things like automatically // setting known_hosts, etc) - argv = append(argv, username+"@"+hostForSSH) + if username == "" { + argv = append(argv, hostForSSH) + } else { + argv = append(argv, username+"@"+hostForSSH) + } argv = append(argv, argRest...)