Date: Fri, 13 Jun 2008 12:02:56 -0700 From: "Kevin Oberman" <oberman@es.net> To: Garrett Wollman <wollman@bimajority.org> Cc: Kris Kennaway <kris@FreeBSD.org>, net@FreeBSD.org Subject: Re: ssh window Message-ID: <20080613190256.0B4AE4500E@ptavv.es.net> In-Reply-To: Your message of "Fri, 13 Jun 2008 14:43:39 EDT." <18514.49115.708560.587859@hergotha.csail.mit.edu>
next in thread | previous in thread | raw e-mail | index | archive | help
--==_Exmh_1213383776_53832P Content-Type: text/plain; charset=us-ascii Content-Disposition: inline > Date: Fri, 13 Jun 2008 14:43:39 -0400 > From: Garrett Wollman <wollman@bimajority.org> > Sender: owner-freebsd-net@freebsd.org > > <<On Fri, 13 Jun 2008 13:04:08 +0200, Kris Kennaway <kris@FreeBSD.org> said: > > > Garrett Wollman wrote: > >> Am I the only one who would be happier if openssh were not in the base > >> system at all? > > > Quite possibly :) > > > I don't think it's at all viable to ship FreeBSD without an ssh client > > in this day and age. > > If that were what I had suggested, you might have a point. I'm want > FreeBSD to ship with an ssh client, too. I just want it shipped as a > package, so that it's easier to delete when I'm ready to replace it > with one that meets my requirements (about an hour after install). > Having it be easier to update when there's a security issue would be > an added bonus. Replacing the base ssh with the port is utterly trivial. You already are setting configuration options, so OVERWRITE_BASE is no more than a few key presses and a one-liner in make.conf or src.conf is pretty trivial. V7---Add "WITHOUT_OPENSSH=" to /etc/src.conf Pre-V7--=-Add "NO_OPENSSH=" to /etc/make.conf That is all it takes. We use SmartCards for authentication, so I already have a bunch of systems that are configured this way. -- R. Kevin Oberman, Network Engineer Energy Sciences Network (ESnet) Ernest O. Lawrence Berkeley National Laboratory (Berkeley Lab) E-mail: oberman@es.net Phone: +1 510 486-8634 Key fingerprint:059B 2DDF 031C 9BA3 14A4 EADA 927D EBB3 987B 3751 --==_Exmh_1213383776_53832P Content-Type: application/pgp-signature -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.9 (FreeBSD) Comment: Exmh version 2.5 06/03/2002 iD8DBQFIUsRgkn3rs5h7N1ERAmpZAKCdvYUce/MRDxu2kIFkrKsjfQfk+wCeNUtf JqOQJLDn0IwMhZE6yJDdsj8= =ctW2 -----END PGP SIGNATURE----- --==_Exmh_1213383776_53832P--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20080613190256.0B4AE4500E>