[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: SSH buglist cleanup.

On Sun, Feb 20, 2000 at 11:26:58PM -0700, Jason Gunthorpe wrote:
> > 	If that's the case, then I'd remove PrintMotd also,
> > 	for consistency. Currently, I'm thinking that the
> > 	most logical thing to do would be to add a PrintLastlog
> > 	next to PrintMotd, and make their default value depend
> > 	on whether PAM is in or not. That way everyone won't have
> > 	to turn it off; it will be off -- but if someone wants to
> > 	take pam_lastlog away, then ssh can still do it also.
> My patch takes both functions completly out of ssh when pam is enabled. No
> sense in having them.
> It would be good to purge the options too..

	Yes, I understand your point. But I don't like the
	idea of PAM-ssh config files being non-compatible
	with the non-PAM version.

	In my little mind having config options for both
	items is best, because:

	1) if someone for some reason does not want to use
	   pam_motd and pam_lastlog, he can still enable
	   ssh to do them
	2) if the options change their defaults based on
	   whether PAM is in or not, there is no configuration
	3) it gives more flexibility, not less.

	Then again, things like this should be decided by the
	"upstream". But "upstream" is sometimes OpenBSD, sometimes
	the linux porter, etc. And they have no bug list visible
	as far as I know. I'm trying to contact the linux porter
	to see if he has any thoughts.

unix, linux, debian, networks, security, | ABORTED effort:
kernel, TCP/IP, C, perl, free software,  | Close all that you have.
mail, www, sw devel, unix admin, hacks.  | You ask way too much.

Reply to: