ssh window
Kevin Oberman
oberman at es.net
Fri Jun 13 19:02:58 UTC 2008
> Date: Fri, 13 Jun 2008 14:43:39 -0400
> From: Garrett Wollman <wollman at bimajority.org>
> Sender: owner-freebsd-net at freebsd.org
>
> <<On Fri, 13 Jun 2008 13:04:08 +0200, Kris Kennaway <kris at FreeBSD.org> said:
>
> > Garrett Wollman wrote:
> >> Am I the only one who would be happier if openssh were not in the base
> >> system at all?
>
> > Quite possibly :)
>
> > I don't think it's at all viable to ship FreeBSD without an ssh client
> > in this day and age.
>
> If that were what I had suggested, you might have a point. I'm want
> FreeBSD to ship with an ssh client, too. I just want it shipped as a
> package, so that it's easier to delete when I'm ready to replace it
> with one that meets my requirements (about an hour after install).
> Having it be easier to update when there's a security issue would be
> an added bonus.
Replacing the base ssh with the port is utterly trivial. You already
are setting configuration options, so OVERWRITE_BASE is no more than a
few key presses and a one-liner in make.conf or src.conf is pretty
trivial.
V7---Add "WITHOUT_OPENSSH=" to /etc/src.conf
Pre-V7--=-Add "NO_OPENSSH=" to /etc/make.conf
That is all it takes.
We use SmartCards for authentication, so I already have a bunch of
systems that are configured this way.
--
R. Kevin Oberman, Network Engineer
Energy Sciences Network (ESnet)
Ernest O. Lawrence Berkeley National Laboratory (Berkeley Lab)
E-mail: oberman at es.net Phone: +1 510 486-8634
Key fingerprint:059B 2DDF 031C 9BA3 14A4 EADA 927D EBB3 987B 3751
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 224 bytes
Desc: not available
Url : http://lists.freebsd.org/pipermail/freebsd-net/attachments/20080613/bcd0cb1a/attachment.pgp
More information about the freebsd-net
mailing list