From owner-freebsd-stable  Thu Jan  3 13: 5:50 2002
Delivered-To: freebsd-stable@freebsd.org
Received: from hex.databits.net (hex.csh.rit.edu [129.21.60.203])
	by hub.freebsd.org (Postfix) with SMTP id 45E4C37B41A
	for <stable@FreeBSD.ORG>; Thu,  3 Jan 2002 13:05:46 -0800 (PST)
Received: (qmail 84184 invoked by uid 1001); 3 Jan 2002 21:05:42 -0000
Date: Thu, 3 Jan 2002 16:05:42 -0500
From: Pete Fritchman <petef@databits.net>
To: Brett Glass <brett@lariat.org>
Cc: Joe Clarke <marcus@marcuscom.com>, stable@FreeBSD.ORG
Subject: Re:  Please integrate OpenSSH 3.x
Message-ID: <20020103160542.C82299@databits.net>
References: <4.3.2.7.2.20020103124027.02a29860@localhost> <4.3.2.7.2.20020103124027.02a29860@localhost> <1010087964.86152.14.camel@shumai.marcuscom.com> <4.3.2.7.2.20020103130319.02a28af0@localhost>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
User-Agent: Mutt/1.2.5i
In-Reply-To: <4.3.2.7.2.20020103130319.02a28af0@localhost>; from brett@lariat.org on Thu, Jan 03, 2002 at 01:07:27PM -0700
Sender: owner-freebsd-stable@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-stable.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20freebsd-stable>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20freebsd-stable>
X-Loop: FreeBSD.ORG

++ 03/01/02 13:07 -0700 - Brett Glass:
| At 12:59 PM 1/3/2002, Joe Clarke wrote:
| 
| >While I haven't been following the -security thread, I'm not sure if
| >this is necessary.  The OpenSSH in FreeBSD has received specific FreeBSD
| >"localizations" to fix bugs that may have arisen.  
| 
| If so, this amounts to a fork... which runs the risk of missing
| or delaying subtle changes that might have implications for
| security or functionality. Why create work by forking the code
| rather than having the changes integrated?
| 
| >Also, the OpenSSH
| >port in /usr/ports/security/openssh-portable now supports a 
| >OPENSSH_OVERWRITE_BASE make option to replace the base SSH installation.
| 
| This is assuming that one is working from the ports and not
| the packages. Very often, we don't install the ports on a system
| because (a) they take up much space and (b) they become obsolete
| quickly.

Then install ports on one of your development machines and do:

make package -DOPENSSH_OVERWRITE_BASE and you'll have something you can
pkg_add on your new production machines.

-pete

--
Pete Fritchman [petef@(databits.net|freebsd.org|csh.rit.edu)]
finger petef@databits.net for PGP key

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-stable" in the body of the message