High Performance SSH/SCP - HPN-SSH

Tomas Mraz tmraz at redhat.com
Thu Jul 12 21:49:59 UTC 2007


On Thu, 2007-07-12 at 23:21 +0200, Alexander Boström wrote:
> tor 2007-07-12 klockan 12:02 -0400 skrev Jarod Wilson:
> 
> > Personally, I'd say lets add it to rawhide and see how it goes... Anyone
> > else have an opinion? Adding Tomas to the cc list, since he maintains
> > our openssh packages, to solicit his opinion as well...
> 
> The problem with this is that if one patch goes in, other will come
> knocking on the door. :)

Yes, that's exactly what I'm afraid of.

And then there is LDAP public key patch, and PKCS#11 patch and X509
patch and who knows what else patch etc. etc. And in the end we will
have openssh package which is so diverged from upstream that it will
take weeks of work to simply rebase to new upstream version.

Also as ssh(d) are realy security sensitive applications if there is
some unnoticed security problem in one of these patches it has much
bigger risk of staying unnoticed in public for a long time than in the
base upstream package.
-- 
Tomas Mraz
No matter how far down the wrong road you've gone, turn back.
                                              Turkish proverb




More information about the devel mailing list