Kern Sibbald kern at sibbald.com
Sun Dec 12 03:43:05 EST 1999


I have just joined your mailing list, and I thought I would introduce
myself.  My name is Kern Sibbald, I live in Switzerland, and I
am not a US citizen or employed by any company (no license problems).
I've been programming for about 35 years now and would like to possibly
make a few contributions to OpenSSH.

I had previously installed ssh 1.x? then ssh2, which is rather nice,
but when I read the license, I was horrified about the changes
between 1.x and 2 so I removed it from my system. Then a month later
I stumbled on OpenSSH.  Neat and thanks.  I now have it running on my
system, but it wasn't easy and there are a lot of things that I don't
yet understand, like why it always use 3des when I am me (kern) and
uses blowfish (as configured) when I am root, and why I cannot seem
to make it do RSAHost authorization and RSA user authorization.  It
does RSAHost authorization if I connect as root and RSA user authorization
if I connect as kern.  At least that is how I interpret the debug output.

I thought I might contribute in the following ways:

1. Correct/enhance the manual where I found errors and deficiencies (for
example, it wasn't immediately clear the distinction between RSA
authentication and RSH host authentication.  If one substitutes
RSA user authentication for the former, things become a bit easier
to understand.

2. Provide a step by step installation for dummies like myself.  There are
a zillion files to be setup to get it working after the "make install" and 
are a number of traps such as /etc/shosts is not used for root access 

3. I don't like the idea that the identity files and authorized_keys are 
kept in
the user's home directory. That is certainly a valid option, but on my
system, I want everything kept in /etc/ssh,  and subdirectories,
and only readable by root.  ssh2 permitted this with the
UserConfigDirectory configuration statement.  I'd like to add the code
to do this in OpenSSH.

By the way, for the next 6 or 7 months I don't have a lot of time to 
to this (max 20%).

Does this interest you?

Best regards,


More information about the openssh-unix-dev mailing list