Re: Shipping non-OpenSSH scp(1) binary
On Tue 11/7/2017, at 10:00 pm, Colin Watson <cjwatson@debian.org> wrote:
>
> On Mon, Jul 10, 2017 at 09:55:15PM +0300, Guilhem Moulin wrote:
>> Meanwhile I had a look at dropbear's scp variant and AFAICT it's
>> actually an almost exact copy of OpenSSH 4.3p2's. (It's mentioned in
>> the headers, and the diff is pretty minimal.)
>
> Could you attach the diff?
I'll let Guilhem post it if it's handy, but from a quick look over the only real differences are calling vfork() for uClinux (not an issue for Debian) and skipping those unused options. Making Dropbear client handle those -o options is probably the right way to handle it.
> But I think dropbear-bin can only reasonably provide the ssh-client
> virtual package if it ships /usr/bin/ssh, and that would also be needed
> in order to avoid having to say "scp -S dbclient". What do you want to
> do about this? I'm not sure how disruptive it would be to make
> dropbear-bin non-coinstallable with openssh-client; quite possibly very
> disruptive.
Can an alternative symlink provide /usr/bin/ssh -> dbclient if openssh-client isn't installed, but openssh-client as a higher priority? I'm pretty sure there are people using Dropbear for initramfs but OpenSSH for the main system, so making them conflict would be a problem there.
Cheers,
Matt
Reply to: