bug(Windows): using `podman system connection add` with a `~` should convert it to absolute path

[axel7083]

Issue Description

TL;DR We cannot use a tilde for the identity on windows for system connections: podman should either prevent user to do it, or resolve the path

I was following the https://github.com/containers/podman/blob/main/docs/tutorials/remote_client.md tutorial and the part about adding the connections let me think I could use ~ for the identity.

podman/docs/tutorials/remote_client.md

Line 81 in 1e4287d

podman-remote system connection add myuser --identity ~/.ssh/id_ed25519 ssh://myuser@192.168.122.1/run/user/1000/podman/podman.sock

Steps to reproduce the issue

Steps to reproduce the issue

1. be on windows
2. have a distant podman machine running
3. add connection with a tilde ~

$: podman system connection add remote-tilde --identity ~/.ssh/id_ed25519 ssh://<user>@<ip>/run/user/1000/podman/podman.sock

Describe the results you received

$: podman --connection=remote-tilde info
OS: windows/amd64
provider: wsl
version: 5.4.0

Cannot connect to Podman. Please verify your connection to the Linux system using `podman system connection list`, or try `podman machine init` and `podman machine start` to manage a new Linux VM
Error: unable to connect to Podman socket: failed to read identity "~/.ssh/id_ed25519": open ~/.ssh/id_ed25519: The system cannot find the path specified

Describe the results you expected

The proper output of podman info of the remote

podman info output

podman version 5.4.0

Podman in a container

No

Privileged Or Rootless

None

Upstream Latest Release

Yes

Additional environment details

N/A

Additional information

When we use podman system connection add we call the following code

podman/cmd/podman/system/connection/add.go

Line 144 in 72f1617

return ssh.Create(entities, sshMode)

which is inside the https://github.com/containers/common repository, specifically the problem occurs on key, err := os.ReadFile(path)¹.

Footnotes

1. https://github.com/containers/common/blob/aca5d21079aed68abaf848642e7056156df84ee9/pkg/ssh/utils.go#L99 ↩

[axel7083]

Possible solutions

Resolve Identities

Podman don't interact with the Identities argument it directly provide it to the ssh.Create it could resolve/expand it on windows (https://stackoverflow.com/questions/17609732/expand-tilde-to-home-directory)

Raise error

Podman could check the identities argument and raise an error (exit 1) and prevent the connection to be registered if the identities provided file does not exist)

Update the documentation

The documentation could be updated to mention that ~ for identities are not supported on windows, and absolute path are required

Update github.com/containers/common

The common library could be updated to resolve it, so podman would have nothing to do, the library could expand it on windows

[Luap99]

~ is resolved by the shell not the actual applications if you pass that as argument on the command line. If windows doesn't do that then this is a windows thing. I really don't think we should go down the path of special coding a ton of path lookups to resolve ~ ourselves.

But I agree we could stat the identity file on connection add to make sure it exist first and if not return a proper error there.