folding Apple tweaks into openssh
mouring at eviladmin.org
Thu Jan 8 17:33:15 EST 2009
On Jan 7, 2009, at 5:52 AM, Jim Reid wrote:
> Hi. Apple have a bunch of patches to openssh that they have folded
> into the version that's shipped with MacOSX. Some of these are very
> convenient: like automagically starting an ssh-agent at login/boot
There is nothing to integrate for this. When you log in it starts
"ssh-agent". I've done this for years under OpenBSD and Linux using
gnome/kde. Apple just happens to do this via launchd instead of
during X11 initrc scripts or other standard X startup processes (for
good reason, since X isn't their GUI =).
> and the ability to have SSH passphrases stored and fetched from
> the Keychain.
There is already 3rd party keychain software (e.g. http://www.sshkeychain.org/)
. However, to me this more belongs with the OS provider (Redhat,
Microsoft, SuSE, Apple, etc) than OpenSSH team. This is really more
an integration issue than an OpenSSH issue.
Apple's patches pretty much boil down to GSSAPI (which upstream
version have been rejected due to complexity), launchd features
(currently still very Apple centric), and Apple only patches. There
are a few patches that would be interested to dig around to see why
Apple applies them, but no real upstream features that would improve
Interesting enough, not much has changed (other than Launchd) since
the last time I looked at the patches. Just a bit less.
More information about the openssh-unix-dev