Re: What's the deal on the -X vs -Y thing?
From: Dan Stromberg (strombrg_at_dcs.nac.uci.edu)
Date: 01/25/05
- Next message: brookeg1_at_electraforge.com: "Re: WinCVS through Putty and SSH problem (newbie)"
- Previous message: Per Hedeland: "Re: What's the deal on the -X vs -Y thing?"
- In reply to: Per Hedeland: "Re: What's the deal on the -X vs -Y thing?"
- Next in thread: all mail refused: "Re: What's the deal on the -X vs -Y thing?"
- Reply: all mail refused: "Re: What's the deal on the -X vs -Y thing?"
- Reply: Darren Tucker: "Re: What's the deal on the -X vs -Y thing?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Tue, 25 Jan 2005 14:39:27 -0800
>>Now try it with those lines moved to the upgraded systems' global
>>ssh_config (ie /usr/local/etc/ssh_config or wherever you've configured
>>--sysconfdir to be). This is actually what I (and the FAQ) suggested.
This assumes centrally-maintained systems. In fact, it kind of sounds
like the perspective of someone who's only worked on a small number of
systems before. At UCI, we're herding cats.
Believe it or not, not everyone has root access on the all the boxes they
work on, and not all boxes have admins who are going to realize this
change could help matters, nor do they have admins who would be responsive
to such a request - and then there are other admins with -many- more
useful things to do than coerce and cajole other admins into doing
something that they don't quite understand.
> And your work is much appreciated
Agreed, the work on OpenSSH is appreciated.
>>Unfortunately, it seems that any non-trivial change will attract
>>criticism from somewhere.
>
> Yes, that's what you get for working on popular software.:-)
100% agreement.
Hey, where I work, sometimes I don't even have complete control over
things I imagined, wrote and maintain myself. :-S
Like it or not, once lots of people start using your code, it kind of
takes on a life of its own. You end up with a responsibility to your
users not to break things without solid justification.
And I continue to maintain that the OpenSSH team has done exactly that:
break things without solid justification.
Meanwhile, I'm prototyping some workarounds in the code I've based on
OpenSSH, for ideas that'll get around this breakage. But it's
time I don't really have, that should be going into other projects!
If you want to be security nazis, please just make -X do what it did
before, but additionally spit a nastygram on stderr.
Then again, now that the cat's out of the bag, I'm going to end up
recoding anyway, even if you do revert to a more rational behavior in
OpenSSH. :(
- Next message: brookeg1_at_electraforge.com: "Re: WinCVS through Putty and SSH problem (newbie)"
- Previous message: Per Hedeland: "Re: What's the deal on the -X vs -Y thing?"
- In reply to: Per Hedeland: "Re: What's the deal on the -X vs -Y thing?"
- Next in thread: all mail refused: "Re: What's the deal on the -X vs -Y thing?"
- Reply: all mail refused: "Re: What's the deal on the -X vs -Y thing?"
- Reply: Darren Tucker: "Re: What's the deal on the -X vs -Y thing?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
