Subject: openssh and login_cap(3)
To: None <tech-security@netbsd.org>
From: Chris Jones <chris@cjones.org>
List: tech-security
Date: 02/13/2001 20:04:54

So, with the latest round of ssh security problems, it would seem
important that openssh install and run flawlessly on a 1.5 system.
Unfortunately, given the lack of /etc/login.conf in 1.5, it dies after
authentication with "unable to get login class."  Apparently, openssh
calls login_getclass(3), which returns NULL, and openssh takes this to
be an error status.

1.  What's the right thing to do here?  Should login_getclass
    synthesize a default entry if there's no login.conf?  There's no
    mention in login_cap(3) about what return value constitutes an
    error, and whether errno gets set.  So maybe it's reasonable for
    openssh to consider a NULL return to be an error.

2.  For the time being, it looks like we should patch openssh's
    session.c to ignore a NULL return from login_getclass(3), so that
    people don't have to follow -release in order to keep up with
    openssh versions.  If nobody else does, I'll generate a patch for
    this tomorrow evening and post it to this list before committing.

Chris

-- 
---------------------------------------------------- chris@cjones.org
Chris Jones                                          Mad scientist at large
  www.netbsd.org www.postgresql.org www.schemers.org www.python.org