[OpenIndiana-discuss] Replacing OI 151 ssh with OpenSSH 5.9?
Gary
gdriggs at gmail.com
Wed Jan 18 22:59:46 UTC 2012
On Wed, Jan 18, 2012 at 2:22 PM, Bill Sommerfeld wrote:
> They're needed so that sshd correctly uses solaris's version of PAM and audit
> and other subsystems like that.
OpenSSH/portable already works with Solaris' PAM and default projects.
But the latest documentation I can find on SunSSH is here:
"These parts of SunSSH 1.5 are quite different from OpenSSH code:
PAM
GSS-API
privilege separation implementation
auditing code
g11n (not present in OpenSSH)
we support HW acceleration through the OpenSSL PKCS#11 engine by default"
http://hub.opensolaris.org/bin/view/Community+Group+security/SSH
However, the only Solaris specific change I'm seeing for OpenSSH
portable in regards to Solaris in the last couple of years is a mod
for project support;
ftp://ftp.ca.openbsd.org/pub/OpenBSD/OpenSSH/portable/ChangeLog
So I'm not seeing a whole lot of incentive for me to stick with SunSSH
since I can't even easily find documentation of what's been patched in
SunSSH in the past 2-3 years. Unless someone's claiming that OpenSSH
just doesn't work with Solaris' implementation of PAM...?
q.v. http://blogs.oracle.com/janp/entry/sunssh_and_openssl_enhancements_in,
and https://www.google.com/search?q=site%3Amail.opensolaris.org+SunSSH
More information about the OpenIndiana-discuss
mailing list