RedHat forks OpenSSH?
listz at hate.cx
listz at hate.cx
Fri Nov 12 04:32:48 EST 2004
However if Theo and other did cave at every prospect of some corporation
flexing their muscles then, as he pointed out before, ssh.com would have already
subjected the project and you couldn't type "ssh" at the command line for
OpenSSH.
However, I think that if someone decides they don't agree with Red Hat's
decision or want support from this mailing list they can compile the code
from ftp.openbsd.org themselves (consequently I compile for other reasons). Red
Hat never asked us (well me anyway) whether they should make the change, we
didn't have any input. Unfortunately I am stuck with Red Hat at work, lots of
commercial applications that I must use only support Red Hat Linux (used to
support BSD's but no longer, also only the RH distro).
While I know Red Hat does some QA on packages I remember a glibc patch recently
that crapped up any system running a custom (not stock RH) kernel. They're only
human, while trying to remove ACSS they could crap something else up
inadvertantly and it shouldn't be Theo, Damien or anyone else's job on this list
(unless there are RH engineers subscribed) to support them.
I'd love to move those systems back to a BSD like I have at home, I just don't
have that luxury. At the same time I hope even though circumstances dictate I
must use Red Hat I can still come to the list with questions should I need some
help.
on Thu Nov 11 12:05, Jefferson Ogata disclosed:
> Theo de Raadt wrote:
> >Jefferson Ogata wrote:
> [attribution restored]
> >>I'm also curious why it's important to have this code in the
> >>distribution. What practical use does it serve? Shouldn't we just stick
> >>with blowfish et al anyway?
> >>
> >>I find Red Hat to be a pretty competent company, and I'm a fairly heavy
> >>user.
> >
> ><snip>
> >
> >Then you talk to them. You just lost some people's support.
>
> I don't understand the petulant attitude. All I've ever done here is to
> contribute; I've never asked for support. Why are you so married to this
> bit of code that you're willing to alienate people over it? I have no
> doubt that you understand the practical issue here: there's no point in
> including code someone--right or wrong--might sue you over, if that code
> doesn't do anything particularly useful. Of all the ciphers in openssh,
> acss is clearly the one that has been tangentially the subject of a lot
> of recent litigation, and that not for use, but for dissemination of
> code. Personally, if I can do something simple, cheap, and harmless to
> avoid getting a subpoena, I'll do it. I have mouths to feed and real
> work to do.
>
> What it's starting to sound like is that a few openssh developers
> decided it was time to use openssh to take a stand against RIAA on
> CSS--lamely, I might add: acss in openssh is completely unnecessary. If
> so, this is just going to marginalize openssh, and we should expect to
> see vendors react to protect themselves. If you don't feel like
> supporting those vendors' customers, fine--the rest of us will do it.
> But it would seem kind of selfish on the part of those who want to take
> a stand if they also use it as an excuse to avoid helping people. That's
> all it is: an excuse. I read the questions people post here; I'll be
> amazed if Red Hat's omission of acss or their modified tarball ever,
> ever arise as practical support issues.
>
> --
> Jefferson Ogata <Jefferson.Ogata at noaa.gov>
> NOAA Computer Incident Response Team (N-CIRT) <ncirt at noaa.gov>
>
> _______________________________________________
> openssh-unix-dev mailing list
> openssh-unix-dev at mindrot.org
> http://www.mindrot.org/mailman/listinfo/openssh-unix-dev
<EOF>
::[ RFC 2795 ]::
"Democracy means simply the bludgeoning of the
people by the people for the people."
-Oscar Wilde
More information about the openssh-unix-dev
mailing list