> Date: Fri, 13 Jun 2008 14:43:39 -0400 > From: Garrett Wollman <[EMAIL PROTECTED]> > Sender: [EMAIL PROTECTED] > > <<On Fri, 13 Jun 2008 13:04:08 +0200, Kris Kennaway <[EMAIL PROTECTED]> said: > > > Garrett Wollman wrote: > >> Am I the only one who would be happier if openssh were not in the base > >> system at all? > > > Quite possibly :) > > > I don't think it's at all viable to ship FreeBSD without an ssh client > > in this day and age. > > If that were what I had suggested, you might have a point. I'm want > FreeBSD to ship with an ssh client, too. I just want it shipped as a > package, so that it's easier to delete when I'm ready to replace it > with one that meets my requirements (about an hour after install). > Having it be easier to update when there's a security issue would be > an added bonus.
Replacing the base ssh with the port is utterly trivial. You already are setting configuration options, so OVERWRITE_BASE is no more than a few key presses and a one-liner in make.conf or src.conf is pretty trivial. V7---Add "WITHOUT_OPENSSH=" to /etc/src.conf Pre-V7--=-Add "NO_OPENSSH=" to /etc/make.conf That is all it takes. We use SmartCards for authentication, so I already have a bunch of systems that are configured this way. -- R. Kevin Oberman, Network Engineer Energy Sciences Network (ESnet) Ernest O. Lawrence Berkeley National Laboratory (Berkeley Lab) E-mail: [EMAIL PROTECTED] Phone: +1 510 486-8634 Key fingerprint:059B 2DDF 031C 9BA3 14A4 EADA 927D EBB3 987B 3751
pgpbTCBwj2u0g.pgp
Description: PGP signature
