On Mon, Mar 19, 2012 at 9:33 AM, Neil Bothwick <n...@digimed.co.uk> wrote:
> On Sun, 18 Mar 2012 02:49:56 -0600, Canek Peláez Valdés wrote:
>
>> > They ensure that there is an sshd configuration file and
>> > give a meaningful message (including where to find the sample) if it
>> > is not present, and check for the presence of the hostkeys (again
>> > which are needed) and create them if they are not present. Your 9
>> > lines of sshd.service do none of this.
>>
>> That is completely true. I also think that those checks do not
>> belong in the init script: I think the configuration file presence
>> should be guaranteed by the package manager at install time, and so the
>> creation of the hostkeys.
>
> sshd is a bit of a special case. Think like CDs, like SystemRescueCD. If
> the keys were created at installation time, every CD would have the same
> keys, which is not particularly desirable.

I prefer "counterexample" to "special case" ... I don't like calling
things "special cases" because it suggests that they're somehow more
privileged than anything else, and unnecessarily weighs against
software which hasn't been written yet.

A similar case which falls into the same kind of circumstance:
per-host IDs in mass-deployment scenarios. You see this in large
arrays of similar systems; 'sbc-a3d6' 'sbc-a3d9' 'sbc-7721' ... Heck,
applying something like that to live installation media would be nice;
not having every new install called simply 'gentoo' by default would
be very helpful in installfest scenarios. Identical hostnames screw
with DHCP-driven DDNS updates. I ran into that on my home network.

-- 
:wq
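
The pre-start checks described in the quoted messages above (config file present, host keys created on the running host if missing), as an added example that is not part of the thread and not the Gentoo init script. The function names, the default `/etc/ssh` path, the key-type list and the overridable `KEYGEN` variable are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: sshd pre-start checks. Names, paths and key types are
# assumptions for illustration, not taken from any distribution's script.

SSHD_CONFDIR=${SSHD_CONFDIR:-/etc/ssh}
KEYGEN=${KEYGEN:-ssh-keygen}               # overridable so the logic can be tested
HOSTKEY_TYPES=${HOSTKEY_TYPES:-"rsa ecdsa ed25519"}

# Fail with a meaningful message when the configuration file is absent.
check_config() {
    if [ ! -e "$SSHD_CONFDIR/sshd_config" ]; then
        echo "sshd needs $SSHD_CONFDIR/sshd_config to start" >&2
        echo "Copy and adapt the sample shipped with your OpenSSH package" >&2
        return 1
    fi
}

# Print the key types whose private key file is missing or empty.
missing_hostkeys() {
    for t in $HOSTKEY_TYPES; do
        [ -s "$SSHD_CONFDIR/ssh_host_${t}_key" ] || printf '%s\n' "$t"
    done
}

# Generate only the missing keys, at first start on the running host,
# so a live CD or cloned image never carries keys shared by every copy.
# Existing keys are left untouched.
ensure_hostkeys() {
    for t in $(missing_hostkeys); do
        echo "Generating $t host key" >&2
        "$KEYGEN" -q -t "$t" -f "$SSHD_CONFDIR/ssh_host_${t}_key" -N '' || return 1
        chmod 600 "$SSHD_CONFDIR/ssh_host_${t}_key"
    done
}

# Entry point an init script or unit would call before starting sshd.
sshd_prestart() {
    check_config && ensure_hostkeys
}
```

When building an image, the same `missing_hostkeys` check can be inverted: an image whose key files already exist will hand identical keys to every host booted from it.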
