New x11-ssh-askpass release available

Philip Hands phil at hands.com
Tue Dec 14 03:55:45 EST 1999


Damien Miller <djm at mindrot.org> writes:

> I am considering seperating the gnome and the perl-tk askpasses out 
> of the tree that I distribute.
> 
> Since Markus added the ability to choose which particular askpass 
> program is used at runtime it makes sense to offer a few different
> packages.
> 
> If Jim has no objection, I might start RPM packaging his askpass 
> program and distributing it with the other RPMs I build.

Can we call it ssh-askpass-x11 in that case, because it makes it
easier to find in file listings.  I would like to package it for
debian, regardless of whether it gets put in the main source tree.

Is there really any need for us to have more than one of these?

> The perl-tk askpass concerns me a bit. Perl is a big interpreted 
> language with plenty of opportunities for a users passphrase to
> end up in VM and no way to ensure its erasure.

I think dropping this is probably the right thing to do.  It was good
to have a fix for when there was nothing else available, but I cannot
see anyone choosing the perl-tk option over one of the other two.

I'm going to stop packaging ssh-askpass-ptk as soon as the
ssh-askpass-x11 package gets done.  I'm only holding back on that
because I was wondering what version numbers we'd end up using for it
(1999... or 1.2pre...)

I think the right thin to do is to make Jim's implementation the
default ssh-askpass and include that in the OpenSSH source tree.

A separate package of ssh-askpass-gnome is fair enough if you think
that some people will opt for it over ssh-askpass, but otherwise just
gives people a choice they don't need.  I'll probably make the
packages conflict anyway, so that it's a systemwide decision.

Cheers, Phil.







More information about the openssh-unix-dev mailing list