Funding OpenSSH

Damien Miller djm at
Fri Mar 24 10:32:04 EST 2006


This mail is a request for vendors who have integrated OpenSSH into
their products or devices to step up and provide some financial
assistance back to the project. Please note that this request is 
intended for *vendors* - our individual userbase already helps us in 
every appropriate way.

You may have noticed a similar request for OpenSSH/OpenBSD funding made
by Marco Peereboom in this last couple of days, but I would like to
reiterate: money donated to the project goes directly to development,
either by funding individual developers for medium-long term projects or
by putting developers in a room together, without distractions so they
can improve OpenSSH. 

Having long term developers around ensures that small and "boring, but
important changes" receive the attention that they deserve. OpenSSH 
hasn't had 9am-5pm developer attention for a while, but we believe it
would greatly benefit from it.

The second consumer of funds above refers to the annual hackathons
that the OpenBSD project runs. These provide a forum where major
functionality improvements can be initiated, fleshed out, reviewed and
committed. The last two hackathons alone have been directly responsible

- Fixing of dozens of bugs
- The addition of connection multiplexing
- The idea for the layer-2/layer-3 VPN over SSH released in 4.3
- The implementation of auto-reexecution
- Many proactive signed vs. unsigned integer cleanups

... and a bunch of other improvements and ideas at various stages of
conception and development. There really isn't a substitute for pulling
a bunch of developers from around the world to focus on one thing for a
solid week.

Many vendors have integrated OpenSSH into their operating systems or
devices and quite a few of these proudly list the secure management
ability that OpenSSH provides as a major feature in their marketing
material - something which translates directly to product sales.

This is an opportunity for these vendors to give somthing back. For
a relatively tiny amount of money, you can help ensure that OpenSSH
continues to extend its functionality and proactively improve security.
If you are interested, please email myself, Markus Friedl and/or Theo de

 - Damien Miller <djm at>
 - Markus Friedl <markus at>
 - Theo de Raadt <deraadt at>

If you work for a vendor who uses or has integrated OpenSSH, please
consider this request and forward it to anyone else in your organisation
who is able to assist.

Damien Miller

More information about the openssh-unix-dev mailing list