From owner-freebsd-current@freebsd.org  Thu Nov 12 12:58:26 2015
Return-Path: <owner-freebsd-current@freebsd.org>
Delivered-To: freebsd-current@mailman.ysv.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org
 [IPv6:2001:1900:2254:206a::19:1])
 by mailman.ysv.freebsd.org (Postfix) with ESMTP id 3FA92A2B32D;
 Thu, 12 Nov 2015 12:58:26 +0000 (UTC)
 (envelope-from dewaynegeraghty@gmail.com)
Received: from mail-lf0-x242.google.com (mail-lf0-x242.google.com
 [IPv6:2a00:1450:4010:c07::242])
 (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits))
 (Client CN "smtp.gmail.com",
 Issuer "Google Internet Authority G2" (verified OK))
 by mx1.freebsd.org (Postfix) with ESMTPS id A77F91B1C;
 Thu, 12 Nov 2015 12:58:25 +0000 (UTC)
 (envelope-from dewaynegeraghty@gmail.com)
Received: by lffz63 with SMTP id z63so3362151lff.1;
 Thu, 12 Nov 2015 04:58:23 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113;
 h=mime-version:in-reply-to:references:date:message-id:subject:from:to
 :cc:content-type;
 bh=+YEbeAx94sUHRbCNQAyX/9q23YDGp6XAvav9UHCHOCQ=;
 b=zTuYbNTHOXplN5TSf24MKKj5EyKloUZ16UIfom8voyUMuiZTLmec9aKz/FiRq1q1Uk
 QrsBHNvCDl2AdBdYUSdZI/thGqOFcDH2uBQqPqd9+kBbJpk+XEZ1pYTl0xC087r384As
 qhM5CtKGCEXB7qBb+Mo7IQ1Wy0XE4PcY/gK1wHb+djpZ44Aw7VAzqVDLESNj+kQkIg+i
 xplnpp4DrqQuLzgwj6oaMdbDSJ7mgbPeOx8AGhpkVsMunNpE1W5Z6F8krrBrnpnIQKh+
 UAhEUP/EJBY+uvk0PHPaBi12KWYnKTXIKw9Gv06YwwQfQ05pnRIJM8AxpMnXMGlYTm7s
 SlVw==
MIME-Version: 1.0
X-Received: by 10.25.30.5 with SMTP id e5mr7055112lfe.48.1447333103788; Thu,
 12 Nov 2015 04:58:23 -0800 (PST)
Received: by 10.25.41.145 with HTTP; Thu, 12 Nov 2015 04:58:23 -0800 (PST)
In-Reply-To: <20151111184448.GR31314@zxy.spb.ru>
References: <86io5a9ome.fsf@desk.des.no> <56428E8A.3090201@FreeBSD.org>
 <56428F59.5010908@FreeBSD.org> <86y4e47uty.fsf@desk.des.no>
 <56436F4B.8050002@FreeBSD.org> <86r3jwfpiq.fsf@desk.des.no>
 <20151111181339.GE48728@zxy.spb.ru> <86io58flhk.fsf@desk.des.no>
 <20151111184448.GR31314@zxy.spb.ru>
Date: Thu, 12 Nov 2015 23:58:23 +1100
Message-ID: <CAGnMC6rMaY2a_F4qpxX4rB6n6n-tvijH74jxf8j94-2V8r_V8g@mail.gmail.com>
Subject: Re: OpenSSH HPN
From: Dewayne Geraghty <dewaynegeraghty@gmail.com>
To: Slawa Olhovchenkov <slw@zxy.spb.ru>
Cc: =?UTF-8?Q?Dag=2DErling_Sm=C3=B8rgrav?= <des@des.no>, 
 freebsd-security@freebsd.org, freebsd-current@freebsd.org, 
 Bryan Drewery <bdrewery@freebsd.org>
X-Mailman-Approved-At: Thu, 12 Nov 2015 13:21:00 +0000
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: quoted-printable
X-Content-Filtered-By: Mailman/MimeDel 2.1.20
X-BeenThere: freebsd-current@freebsd.org
X-Mailman-Version: 2.1.20
Precedence: list
List-Id: Discussions about the use of FreeBSD-current
 <freebsd-current.freebsd.org>
List-Unsubscribe: <https://lists.freebsd.org/mailman/options/freebsd-current>, 
 <mailto:freebsd-current-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-current/>
List-Post: <mailto:freebsd-current@freebsd.org>
List-Help: <mailto:freebsd-current-request@freebsd.org?subject=help>
List-Subscribe: <https://lists.freebsd.org/mailman/listinfo/freebsd-current>, 
 <mailto:freebsd-current-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Thu, 12 Nov 2015 12:58:26 -0000

Slawa,
Heimdal is (and has been for some time) undergoing constant development.
For reasons unknown, they do not perform releases.  I am aware of updates
from heimdal that are being applied to the samba project (in fact some of
the samba developers are also feeding into heimdal).  The latest discussion
was that the heimdal project are going to release a 1.7 "sometime",
skipping 1.6 completely.

Des - good to make your intentions public.  I've enjoyed your youtube
presentations and recognise that your time will be better spent.  ( better
authentication perhaps ;) )

Bryan - is doing a good job of looking after the openssh port.  And if
folks really need those additional features, then that is the place to
enhance the "standard" offering; which can be upgraded in a pretty
straightforward manner.

Thought-provoking use of inetd perhaps its time to revisit as (an
additional) DOS measure(?)

Regards, Dewayne.
PS My apologies for the repetition Slawa, I meant to reply all earlier.
I'm recently becoming familiar with the gmail interface.

On Thu, Nov 12, 2015 at 5:44 AM, Slawa Olhovchenkov <slw@zxy.spb.ru> wrote:

> On Wed, Nov 11, 2015 at 07:18:31PM +0100, Dag-Erling Sm=C3=B8rgrav wrote:
>
> > Slawa Olhovchenkov <slw@zxy.spb.ru> writes:
> > > Can you explain what is problem?
> >
> > Radical suggestion: read the first email in the thread.
>
> I am read and don't understund (you talk about trouble of maintaining
> the HPN patches).
> I see patched version in ports. This version maintaining.
> What is problem? Differnt openssh? Quality of patches?
> Different branches?
> ports branch is worse (by some reaason) base branch?
>
> > > PS: As I today know, kerberos heimdal is practicaly dead as opensourc=
e
> > > project. Have FreeBSD planed switch to MIT Kerberos?  I am know about
> > > security/krb5.
> >
> > We switched from MIT to Heimdal at some point in the past for some
> > reason I don't remember.  MIT and Heimdal are *not* interchangeable at
>
> I think because MIT stop development in the past.
>
> > the source or binary level, so switching back is not trivial.
>
> I am know about this.
> _______________________________________________
> freebsd-security@freebsd.org mailing list
> https://lists.freebsd.org/mailman/listinfo/freebsd-security
> To unsubscribe, send any mail to "freebsd-security-unsubscribe@freebsd.or=
g
> "
>