1 |
> -----Original Message----- |
2 |
> From: news [mailto:news@×××××××××.org]On Behalf Of Duncan |
3 |
> Sent: 24 February 2007 15:10 |
4 |
> To: gentoo-desktop@l.g.o |
5 |
> Subject: [gentoo-desktop] Openssh really needed in desktop profiles? |
6 |
> |
7 |
> In fact, despite the fact that I've been running Gentoo since |
8 |
> early 2004, |
9 |
> I've /never/ had ssh on the system, AFAIK. It has always |
10 |
> been injected |
11 |
> or in package.provided, since I never could see a reason to |
12 |
> have it on my |
13 |
> system, and as we all know, an unneeded and unused app on the |
14 |
> system is a |
15 |
> security vulnerability waiting to happen. Not only that, but |
16 |
> on Gentoo, |
17 |
> there's a significantly higher than normal maintenance |
18 |
> burden, give our |
19 |
> compile from sources general policy. Since I've not needed it in all |
20 |
> /that/ time, it should indeed be safe to remove from the |
21 |
> system list and |
22 |
> made a dependency for anything that /does/ need it. |
23 |
> |
24 |
|
25 |
I was under the (possibly mistaken) impression that openssh was a relatively secure, stable package as one would hope from one of the staple packages for any remote *nix server.
|
26 |
|
27 |
Also.
|
28 |
|
29 |
2min43s to compile 4.5_p1-r1 on a Core Duo running at 1.33GHz (while doing other things).
|
30 |
/etc/ssh is 164k
|
31 |
other confs in /etc are 12k total
|
32 |
scp is 44k
|
33 |
sftp is 68k
|
34 |
/usr/bin/ssh* are <700k
|
35 |
sshd is 300k.
|
36 |
|
37 |
Plus docs and stuff. So it's not that long to compile, and only takes a few megs of space at most. I don't see a pressing reason to remove it by default - and it's a damn useful tool to have installed. Throw into that the confusion if people don't know it's been removed by default....
|
38 |
|
39 |
Anyone who knows they wont need it can easily remove it. Or do rc-update del sshd default.
|
40 |
|
41 |
Just my £0.02 - the "aye been" approach I'm afraid.
|
42 |
|
43 |
--
|
44 |
djn
|
45 |
|
46 |
I do not represent anyone else in emails I send to this list. |