On Tue, 30 Sep 2003, Nick Boyce wrote:

>  /usr/src# cvs update -d -P -r netbsd-1-6 crypto/dist/ssh
>  rsh: anoncvs.netbsd.org: No address associated with hostname

Try the SSH method or pserver method.

Some ideas are at http://www.netbsd.org/Documentation/current/ (but be
sure to keep "-r netbsd-1-6").

For example:
CVS_RSH=ssh

> Quite apart from the above, I'm also confused about whether the
> *recommendation* (for a production box) is to get an updated SSH by
> (a) updating the base system as above, or (b) using pkgsrc to acquire
> the apparently equivalent updated openssh package.

Updating base system code is a good idea so if it was built later, it
would not overwrite with bad version.

> (The Advisory also says "The NetBSD Project will make binary patchsets
> available when builds have completed", but that was nearly 2 weeks
> ago, and no pkgsrc binaries are listed yet at
> ftp://ftp.netbsd.org/pub/NetBSD/packages/pkgsrc/security/openssh/README.html)

This is interesting. I'd like to learn more about the algorithms used to
automatically determine what individual files have been updated (if they
do that).

   Jeremy C. Reed
   http://bsd.reedmedia.net/