Subject: Re: OF2.0 and/etc/mk.conf and ACCEPTABLE_LICENSES
To: gabriel rosenkoetter <>
From: David Rankin <>
List: tech-pkg
Date: 12/22/1999 13:42:26
On Wed, Dec 22, 1999 at 12:28:07PM -0500, gabriel rosenkoetter wrote:
> What I still don't understand is how, if all the legalities have
> somehow remained the same, OpenBSD can make OpenSSH part of the
> default 2.6 install (as they claim to) without causing a bunch of
> people to break the law.
> Either they install an ssh linked against RSAREF breaking licenses, or
> they install an ssh linked against RSA breaking patents within the US,
> and though I've read enough about this to know better, I'd really
> hoped there'd been some loophole found.

I believe that they handle it in a similar way our package handles the OpenSSL
libraries: they have a tarball containing the RSAREF-free openssl library
sitting on the main (Canadian) site and a library linked with RSAREF on a
US server. It's the user's responsibility to grab the correct tarball.

> Oh well, I was deluded, whatever. OpenSSH still beats F-Secure ssh in
> the uid handling business.

> Again, back to the point actually relevant to this list: whom do I
> contact regarding the addition of OpenSSH to the NetBSD port tree?

This is an interesting topic. I actually have a package of the "UNIX" port
of OpenSSH based on 1.2pre13, but they're going through versions so quickly
(they're now up to 1.2.1pre19) that we can't even think about importing a
a package until they put out a stable release. I'll ask the OpenSSH guys to
consider putting out a release so that we can get a package into the
packages tree.

Please note that I'm cc:ing tech-pkg on this. This discussion probably
belongs there now.


David W. Rankin, Jr.     Husband, Father, and UNIX Sysadmin. 
   Email:   Address/Phone Number: Ask me.
"It is no great thing to be humble when you are brought low; but to be humble
when you are praised is a great and rare accomplishment." St. Bernard