[OpenIndiana-discuss] Replacing OI 151 ssh with OpenSSH 5.9?
Milan Jurik
milan.jurik at xylab.cz
Wed Jan 18 20:47:12 UTC 2012
James,
James Carlson píše v st 18. 01. 2012 v 15:27 -0500:
> Milan Jurik wrote:
> > in long term you will need to do the switch anyway as it is unlikely
> > somebody will dedicate full-time taking care about improvements and also
> > sync with OpenSSH forever as SUN did. Otherwise "IllumosSSH" will loose
> > contact with the latest versions.
>
> I think that's actually a deeper issue, because it doesn't just apply to
> the intentionally-forked SSH implementation, but rather to all of the
> Illumos source. The parts that aren't owned by someone and actively
> maintained may have trouble.
>
> I don't see with SSH would be special in this regard.
>
in some way yes, it is because it represents key remote security access
to the systems and very frequently used, so leaving it in limbo or only
"somehow maintained" is not the best way. And we know there is nearly
the same component, the upstream in reality, available.
> > It would be much better to identify the needed parts and deliver them as
> > patch on top of OpenSSH releases.
>
> That's probably a bit easier said than done. The original Sun SSH team
> intentionally forked the source because there were substantial
> high-level design differences, particularly in the area of privilege
> separation.
>
> Meaningful source patches for this sort of thing are probably at least
> as hard to manage as are the sources themselves -- meaning that I
> believe you'd have no real benefit to keeping diffs instead.
>
The question is if the work done for Solaris 9 is so crucial even today.
Additionally many things changed in cooperation of both sides, many
things were merged. Will such fork have so crucial and deep in design
advantages these days?
Best regards,
Milan
More information about the OpenIndiana-discuss
mailing list