On 04/01/2014 12:24, Gevisz wrote: > > After today's update of the world, emerge printed the following message: > > * Messages for package net-misc/openssh-6.4_p1-r1: > * dev-libs/openssl was built with 'bindist' - disabling ecdsa support > * Remember to merge your config files in /etc/ssh/ and then > * reload sshd: '/etc/init.d/sshd reload'. > > That was quite a surprise for me, as I never installed (open)ssh > and it is not in my world. > > After the following query: > > # equery depends --indirect openssh > > I have got the following: > > * These packages depend on openssh: > gnome-base/gvfs-1.16.4 (net-misc/openssh) > app-cdr/brasero-3.8.0 (gnome-base/gvfs) > media-gfx/gthumb-3.2.4 (cdr ? >=app-cdr/brasero-3.2) > app-editors/gedit-3.8.3 (gnome-base/gvfs) > gnome-base/nautilus-3.8.2 (>=gnome-base/gvfs-1.14[gtk]) > app-cdr/brasero-3.8.0 (nautilus ? >=gnome-base/nautilus-2.91.90) > app-text/evince-3.8.3 (nautilus ? > >=gnome-base/nautilus-2.91.4[introspection?]) > gnome-extra/sushi-3.8.1 (>=app-text/evince-3.0[introspection]) > gnome-base/nautilus-3.8.2 (previewer ? >=gnome-extra/sushi-0.1.9) > gnome-extra/sushi-3.8.1 (>=gnome-base/nautilus-3.1.90) > media-gfx/gimp-2.8.6 (gnome ? gnome-base/gvfs) > app-doc/gimp-help-2.6.1 (>=media-gfx/gimp-2.4) media-gfx/dcraw-9.10 > (gimp ? media-gfx/gimp) media-gfx/gthumb-3.2.4 (!raw ? > media-gfx/dcraw) xfce-base/thunar-1.6.2 (dbus ? > >=gnome-base/gvfs-1.10.1) (udev ? > >=gnome-base/gvfs-1.10.1[udisks,udev]) (udev ? > >=gnome-base/gvfs-1.10.1[gdu,udev]) (xfce_plugins_trash ? > >=gnome-base/gvfs-1.10.1) xfce-base/xfdesktop-4.10.2 (thunar ? > >=xfce-base/thunar-1.6[dbus]) xfce-base/xfce4-meta-4.10 > (>=xfce-base/xfdesktop-4.10) virtual/ssh-0 (minimal ? > net-misc/openssh) (!minimal ? net-misc/openssh) > > Inspecting my /etc/conf.d and /etc/init.d directories, > I have found sshd files in both of them. > > So, my main question is as follows: > > Do I really need (open)sshd and, if no, how can I properly disable > (open)sshd in my Gentoo box?
If you have gvfs, you will have openssh, presumably so you can access remote files over ssh. Why do you want to disable the daemon? Just don't run it. openssh is extremely useful for many reasons, you really don't want to not have it. The package has the client and daemons, just don;t run the sshd daemon > > I guess that one of the ways to disable (open)sshd is to make > /etc/init.d/sshd file unexacutable, but is it a clean way to do so? No, that's dumb. It gets reset every time openssh is updated. Just don't run it. It doesn't magically start by itself. If it's security you are worried about, there are 100s of packages much more troublesome, openssh is not something you should be worried about wrt security. Just don't run the daemon. > > May be, it is relevant to this question that, in the future, > I am going to employ the distributed compiling feature for > this and another Gentoo box on the same local network. Not relevant. distcc has it's own listening daemon and doesn't use ssh for file transfer > > The additional my question is as follows: > > What I am supposed to do in response to the "merge your config files > in /etc/ssh/" message above? etc-update or conf-update or similar The ebuild has a dumbass elog() statement in it which you don't really need to be there, as you should be running conf-update anyway after every emerge right? > > Thank you. > > > > > -- Alan McKinnon alan.mckin...@gmail.com
