This adds a new ebuild for the lsh implementation of ssh version 2 protocol. lsh can be seen as a replacement for openssh and is said to be more secure (less bugs? :) Reproducible: Always Steps to Reproduce:
Created attachment 17879 [details] lsh-1.4.2.ebuild
Created attachment 17880 [details] lsh-1.4.2.ebuild
Created attachment 17881 [details] lsh-1.4.2.ebuild
(somehow i always get an error message, when i try to upload an attachment.. yet it seems like the attachment gets uploaded just fine)
Created attachment 17883 [details] init script
Created attachment 17884 [details] /etc/conf.d/lshd
In light of yesterdays buffer exploit in OpenSSH, diversity is probably a good thing. Note that a previous submission of this ebuild was rejected a year and a half ago. Please accept this ebuild, this time.
------- Additional Comments From arutha@gmx.de 2003-18-09 09:36 EST ------- Well I guess I gotta post this "I'm interested" comment now that I said so on gentoo-dev :)
There seems to be an exploit for lsh in the wild ... http://www.heise.de/security/news/meldung/40434 http://lists.lysator.liu.se/pipermail/lsh-bugs/2003q3/000120.html please do not commit 1.4.2 until these problems are resolved!
Created attachment 18066 [details] version 1.4.3 fixes security problem no changes to the 1.4.2-ebuild, just a newer version of lsh. since 1.4.2 has an remote root exploit, and this new version fixes the bug.. emerge the new one.
now in cvs ... i disabled kerberos support since (1) it didnt compile for me and (2) i didnt really feel like messing around with it ;)
Hi, the lsh package is a bit broken, see bug #56156. This effectively prevents other packages depending on the nettle library to go into portage. Since I have no experience with lsh and don't want to decrease the quality even more, I don't feel like fixing it ;)