authorized_keys2 directory idea

Gert Doering gert at
Tue Jun 5 01:50:32 EST 2001


On Mon, Jun 04, 2001 at 01:23:15AM -0700, Jason Stone wrote:
> > OpenSSH is security software.  A lot of you keep asking for more and
> > more features, and the code keeps growing and growing and growing.
> > Assuming that the number of lines per bug is a constant, how long
> > before one of these features which noone uses becomes a hole?
> > 
> > I think it is ridiculous how some people keep demanding change.
> > 
> > Sorry, but I firmly believe that change for the sake of "I like it" is
> > stupid.
> I agree.  However, taking such a stand brings with it a risk of
> psuedo-forking.  You say you won't take this patch because the feature is
> unnecesary bloat.  The patch writer says okay, and just rolls it in
> himself on all his boxes.  He also posts it on his website, and all the
> other people who liked the idea download it and roll it into their local
> installations.

I second this - it's likely to happen sooner than later.  There are a
number of things floating around that people *do* want to see, and one
day, somebody will start "FlexSSH".  I don't think this is a good thing.

Which doesn't mean every single thinkable feature should go into the 
OpenSSH code.  But I don't think well-localized ones that touch only
a very few places are such a bad thing.

USENET is *not* the non-clickable part of WWW!
Gert Doering - Munich, Germany                             gert at
fax: +49-89-35655025                        gert.doering at

More information about the openssh-unix-dev mailing list