Bug#261771: marked as done (ssh: breaks debian rules by hacking files in /etc/pam.d)

To: Colin Watson <cjwatson@debian.org>
Cc: Matthew Vernon <matthew@debian.org>
Subject: Bug#261771: marked as done (ssh: breaks debian rules by hacking files in /etc/pam.d)
From: owner@bugs.debian.org (Debian Bug Tracking System)
Date: Wed, 28 Jul 2004 05:03:08 -0700
Message-id: <handler.261771.D261771.109101533926365.ackdone@bugs.debian.org>
In-reply-to: <20040728114856.GA8542@riva.ucam.org>
References: <20040728114856.GA8542@riva.ucam.org> <200407280349.i6S3nrtw000412@hend.net>

Your message dated Wed, 28 Jul 2004 12:48:56 +0100
with message-id <20040728114856.GA8542@riva.ucam.org>
and subject line Bug#261771: ssh: breaks debian rules by hacking files in /etc/pam.d
has caused the attached Bug report to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what I am
talking about this indicates a serious mail system misconfiguration
somewhere.  Please contact me immediately.)

Debian bug tracking system administrator
(administrator, Debian Bugs database)

--------------------------------------
Received: (at submit) by bugs.debian.org; 28 Jul 2004 03:50:25 +0000
>From jdh@hend.net Tue Jul 27 20:50:25 2004
Return-path: <jdh@hend.net>
Received: from lakermmtao03.cox.net [68.230.240.36] 
	by spohr.debian.org with esmtp (Exim 3.35 1 (Debian))
	id 1BpfSS-000861-00; Tue, 27 Jul 2004 20:50:25 -0700
Received: from hend.net ([68.100.246.2]) by lakermmtao03.cox.net
          (InterMail vM.6.01.03.02.01 201-2131-111-104-103-20040709)
          with ESMTP
          id <20040728034952.WDWE17122.lakermmtao03.cox.net@hend.net>
          for <submit@bugs.debian.org>; Tue, 27 Jul 2004 23:49:52 -0400
Received: (from jdh@localhost)
	by hend.net (8.12.9/8.12.9/Submit) id i6S3nrtw000412;
	Tue, 27 Jul 2004 23:49:53 -0400
Message-Id: <200407280349.i6S3nrtw000412@hend.net>
From: "John D. Hendrickson" <jdh@hend.net>
To: Debian Bug Tracking System <submit@bugs.debian.org>
Subject: ssh: breaks debian rules by hacking files in /etc/pam.d
X-Mailer: reportbug 1.50
Date: Tue, 27 Jul 2004 23:49:53 -0400
Delivered-To: submit@bugs.debian.org
X-Spam-Checker-Version: SpamAssassin 2.60-bugs.debian.org_2004_03_25 
	(1.212-2003-09-23-exp) on spohr.debian.org
X-Spam-Status: No, hits=-8.0 required=4.0 tests=BAYES_00,HAS_PACKAGE 
	autolearn=no version=2.60-bugs.debian.org_2004_03_25
X-Spam-Level: 

Package: ssh
Version: 1:3.4p1-1
Severity: normal



-- System Information
Debian Release: 3.0
Architecture: i386
Kernel: Linux link 2.4.20-mm #1 Tue Feb 24 17:47:00 EST 2004 i586
Locale: LANG=C, LC_CTYPE=C

Versions of packages ssh depends on:
ii  adduser                       3.47       Add and remove users and groups
ii  debconf                       1.0.32     Debian configuration management sy
ii  libc6                         2.2.5-11.2 GNU C Library: Shared libraries an
ii  libpam-modules                0.72-35    Pluggable Authentication Modules f
ii  libpam0g                      0.72-35    Pluggable Authentication Modules l
ii  libssl0.9.6                   0.9.6c-2   SSL shared libraries
ii  libwrap0                      7.6-9      Wietse Venema's TCP wrappers libra
ii  zlib1g                        1:1.1.4-1  compression library - runtime


I couldn't use rlogin / rsh after dist-upgrade becuase ssh had improperly
place himself in the /etc/pam.d/common-* files.

I did have ssh installed on all machines: it just didn't work where before
upgrade it had.

I don't like ssh.  Its a backward idea.  It has a bad usefullness record.

And some packager made RSYC depend on ssh and put it in as a default compile
option:
	--> WHICH CAUSED ALL MY RSYNC SCRIPTS TO FAIL
	--> WHICH IS MY DISK MIRRORING YOU )(*^&#)(&@*#$_

This is obviously NOT the rsync author's intention, as the manpage says you
must use "--rsh=ssh" to use ssh.  But now I have to use "--rsh=rsh" to NOT
use ssh.

It has in the past told users it was offering a secure shell when infact it 
did no such thing without hours of backwards configurations.  The most recent
version looks as if it has keys configured.  I'm not at all supprised to see
users are saying it is not using any security for logins.  Not at all.

It isn't compatible with telnet.  It breaks X - though it has found its way
into GNOME projects files anyway.

Its not transport compatible, not secure, hard to configure, pulls wool over
users eyes by calling itself a secure shell in its manpage.  It's hardly
an openvpn or kerberos.  It's practically inadvisable to install.

It has no place being "standard" or "base" at all - if you check the all too
lengthy bug logs.





---------------------------------------
Received: (at 261771-done) by bugs.debian.org; 28 Jul 2004 11:48:59 +0000
>From cjwatson@flatline.org.uk Wed Jul 28 04:48:59 2004
Return-path: <cjwatson@flatline.org.uk>
Received: from chiark.greenend.org.uk [193.201.200.170] (mail)
	by spohr.debian.org with esmtp (Exim 3.35 1 (Debian))
	id 1Bpmvb-0006qs-00; Wed, 28 Jul 2004 04:48:59 -0700
Received: from [192.168.124.112] (helo=riva.lab.dotat.at)
	by chiark.greenend.org.uk (Debian Exim 3.35 #1) with esmtp
	for 261771-done@bugs.debian.org
	id 1BpmvY-0006lV-00; Wed, 28 Jul 2004 12:48:56 +0100
Received: from cjwatson by riva.lab.dotat.at with local (Exim 3.35 #1 (Debian))
	for 261771-done@bugs.debian.org
	id 1BpmvY-0002Ea-00; Wed, 28 Jul 2004 12:48:56 +0100
Date: Wed, 28 Jul 2004 12:48:56 +0100
From: Colin Watson <cjwatson@debian.org>
To: 261771-done@bugs.debian.org
Subject: Re: Bug#261771: ssh: breaks debian rules by hacking files in /etc/pam.d
Message-ID: <20040728114856.GA8542@riva.ucam.org>
References: <200407280349.i6S3nrtw000412@hend.net>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <200407280349.i6S3nrtw000412@hend.net>
User-Agent: Mutt/1.3.28i
Delivered-To: 261771-done@bugs.debian.org
X-Spam-Checker-Version: SpamAssassin 2.60-bugs.debian.org_2004_03_25 
	(1.212-2003-09-23-exp) on spohr.debian.org
X-Spam-Status: No, hits=-6.0 required=4.0 tests=BAYES_00,HAS_BUG_NUMBER 
	autolearn=no version=2.60-bugs.debian.org_2004_03_25
X-Spam-Level: 

On Tue, Jul 27, 2004 at 11:49:53PM -0400, John D. Hendrickson wrote:
> I couldn't use rlogin / rsh after dist-upgrade becuase ssh had improperly
> place himself in the /etc/pam.d/common-* files.

The ssh package does not touch /etc/pam.d/common-*.

> It has in the past told users it was offering a secure shell when infact it 
> did no such thing without hours of backwards configurations.  The most recent
> version looks as if it has keys configured.  I'm not at all supprised to see
> users are saying it is not using any security for logins.  Not at all.
> 
> It isn't compatible with telnet.  It breaks X - though it has found its way
> into GNOME projects files anyway.
> 
> Its not transport compatible, not secure, hard to configure, pulls wool over
> users eyes by calling itself a secure shell in its manpage.  It's hardly
> an openvpn or kerberos.  It's practically inadvisable to install.
> 
> It has no place being "standard" or "base" at all - if you check the all too
> lengthy bug logs.

Rants are not appropriate in the bug tracking system. Please take them
elsewhere. If you have a concise and accurate report about ssh's
behaviour, please file it, rather than yourself adding to the lengthy
list of bugs with a rant.

-- 
Colin Watson                                  [cjwatson@flatline.org.uk]

Reply to:

References:
- Bug#261771: ssh: breaks debian rules by hacking files in /etc/pam.d
  - From: "John D. Hendrickson" <jdh@hend.net>

Prev by Date: Bug#261771: ssh: breaks debian rules by hacking files in /etc/pam.d
Next by Date: Accepted openssh 1:3.8.1p1-8 (powerpc source)
Previous by thread: Bug#261771: ssh: breaks debian rules by hacking files in /etc/pam.d
Next by thread: Accepted openssh 1:3.8.1p1-8 (powerpc source)
Index(es):
- Date
- Thread