Date: Fri, 03 Feb 2017 10:33:49 -0800 From: John Baldwin <jhb@freebsd.org> To: freebsd-security@freebsd.org Cc: heasley <heas@shrubbery.net>, Ian Smith <smithi@nimnet.asn.au> Subject: Re: fbsd11 & sshv1 Message-ID: <3966315.aWv9gWMYE6@ralph.baldwin.cx> In-Reply-To: <20170203170452.GA40078@shrubbery.net> References: <20170127173016.GF12175@shrubbery.net> <20170203143417.C33334@sola.nimnet.asn.au> <20170203170452.GA40078@shrubbery.net>
next in thread | previous in thread | raw e-mail | index | archive | help
On Friday, February 03, 2017 05:04:52 PM heasley wrote: > Fri, Feb 03, 2017 at 03:13:44PM +1100, Ian Smith: > > Nobody 'forbids' you from making such a port, for your own use and/or > > for others. See Peter Jeremy's suggestion re where it might be placed > > and what sort of dire warnings it ought to announce; I expect SO and > > ports secteam would insist on nothing less. > > > > This differs from expecting|demanding|hoping somebody ELSE should do it. > > i've already explained why I think we (as in those needing it) building > our own is a worse security approach. Its also a bit silly for all those > folks to do it themselves; for the same reason that there are binary ports. > > i'll need to modify some code, but i'll try plink instead of maintaining > my own. until then, i've built my own v1 openssh client. I think Ian is suggesting that a port is possible so long as someone will agree to maintain it. That is, if you will create and maintain the port then there will be a centralized package for it. The only trick is that someone who cares about sshv1 and will use the resulting package needs to create and maintain the port. -- John Baldwin
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?3966315.aWv9gWMYE6>