[I've CCed openssh-unix-dev for awareness, but set Mail-Followup-To to
just debian-devel and debian-ssh to avoid potentially spamming them with
a long discussion. If you choose to override this then that's your
call, but please be mindful of upstream's time.]
Following the xz-utils backdoor, I'm
Hey.
On Tue, 2024-04-02 at 01:30 +0100, Colin Watson wrote:
> All the same, I'm aware that some people now depend on having this
> facility in Debian's main openssh package: I get enough occasional
> bug
> reports to convince me that it's still in use.
Being one of those people, and having even
Christoph Anton Mitterer writes:
> Actually I think that most sites where I "need"/use GSSAPI... only
> require the ticket for AFS, and do actually allow pubkey auth (but
> right now, one doesn't have AFS access then).
In past discussions of this patch, this has not been the case. One of the
In days of yore (Tue, 02 Apr 2024), Colin Watson thus quoth:
> TCP wrappers
>
Not used hosts.{allow,deny} for the last 17 years (since I started my
current employment) so I am biased. Honest opinion is that firewall and
fail2ban have pretty much obsoleted TCP wrappers.
> SELinux
>
Damien Miller wrote:
> Another thing we're considering in OpenSSH is changing how we integrate
> with PAM. PAM's API demands loading modules into the authenticating
> process' address space, but obviously we've just been reminded that this
> is risky.
This was a long-standing problem with
On Tue, 2 Apr 2024, Colin Watson wrote:
[I'm not subscribed to the debian-* lists, please Cc me in replies if
you want me to see them]
> [I've CCed openssh-unix-dev for awareness, but set Mail-Followup-To to
> just debian-devel and debian-ssh to avoid potentially spamming them
> with a long
Thanks for your reply, Colin.
> While I realize that this doesn't introduce a new external dependency, I
> have to say that this is not the week to be asking for a new distro
> patch to OpenSSH!
Point taken.
> I'd be happy to include this if upstream does, but I don't think I'm
> likely to
Processing control commands:
> tags -1 wontfix
Bug #1068162 [openssh-server] Please consider adding MP-TCP support
Added tag(s) wontfix.
--
1068162: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1068162
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
Control: tags -1 wontfix
On Mon, Apr 01, 2024 at 01:21:27AM +0200, Juliusz Chroboczek wrote:
> Please consider applying the following patch:
>
> https://github.com/openssh/openssh-portable/pull/335
>
> MP-TCP support allows moving from one IP address to another without
> breaking connections,
9 matches
Mail list logo