| 1 |
On Mon, Mar 19, 2012 at 9:33 AM, Neil Bothwick <neil@××××××××××.uk> wrote: |
| 2 |
> On Sun, 18 Mar 2012 02:49:56 -0600, Canek Peláez Valdés wrote: |
| 3 |
> |
| 4 |
>> > They ensure that there is an sshd configuration file and |
| 5 |
>> > give a meaningful message (including where to find the sample) if it |
| 6 |
>> > is not present, and check for the presence of the hostkeys (again |
| 7 |
>> > which are needed) and create them if they are not present. Your 9 |
| 8 |
>> > lines of sshd.service do none of this. |
| 9 |
>> |
| 10 |
>> That is completely true. I also think that those checks does not |
| 11 |
>> belong into the init script: I think the configuration file presence |
| 12 |
>> should be guarantee by the package manager at install time, and so the |
| 13 |
>> creation of the hostkeys. |
| 14 |
> |
| 15 |
> sshd is a bit of a special case. Think like CDs, like SystemRescueCD. If |
| 16 |
> the keys were created at installation time, every CD would have the same |
| 17 |
> keys, which is not particularly desirable. |
| 18 |
|
| 19 |
I prefer "counterexample" to "special case" ... I don't like calling |
| 20 |
things "special cases" because it suggests that they're somehow more |
| 21 |
privileged than anything else, and unnecessarily weighs against |
| 22 |
software which hasn't been written yet. |
| 23 |
|
| 24 |
A similar case which falls into the same kind of circumstance: |
| 25 |
per-host IDs in mass-deployment scenarios. You see this in large |
| 26 |
arrays of similar systems; 'sbc-a3d6' 'sbc-a3d9' 'sbc-7721' ... Heck, |
| 27 |
applying something like that to live installation media would be nice; |
| 28 |
not having every new install called simply 'gentoo' by default would |
| 29 |
be very helpful in installfest scenarios. Identical hostnames screw |
| 30 |
with DHCP-driven DDNS updates. I ran into that on my home network. |
| 31 |
|
| 32 |
-- |
| 33 |
:wq |
Archives