I can't think of why ssh should be required for prefix installs. Having it installed on MacOS, and putting Gentoo ahead of the host system in your PATH actually breaks ssh because Apple's ssh install is integrated with their security system. Reproducible: Always
We'd /prefer/ not to diverge too much from Gentoo Linux which is why it stayed in the profile up to now.
That makes sense. I don't know what kind of maintenance burden it would introduce to diverge from Gentoo Linux. But hopefully you agree that it's in system as a convenience, and that removing it wouldn't break anything, especially given that servers aren't expected to work on Prefix anyway.
Case on OSX is that it has a reasonably well ssh, so indeed you could do without (you can in your local install, if you want). Other systems on the other hand... Inclined to close this bug as a wontfix.
So, this is not a technical issue, it would be easy for us to make the change. But, we don't really want to. Ergo, I'll close this bug since two devs have chimed in. Your workaround: echo 'net-misc/openssh-5' >> $EPREFIX/etc/portage/profile/package.provided (Note, simply removing virtual/ssh from the system set doesn't make it "go away" in all cases.)
I just had a discussion with someone that mentioned to me that they have problems with ssh from prefix due to host-based authentication, and I myself have problems sometimes when using Kerberos authentication as well, so I think we should revisit the rationale for keeping virtual/ssh on the system set. It's not required for prefix, as mentioned in the original report, and it's really easy to install. With package.provided, however, you may end up breaking packages that depend on openssh. @grobian, what do you think?
Well I kinda like an uptodate ssh on my Prefixes :) This is an every-going debate, of course. I still agree with comment #1, but yes on some envs ssh isn't considered a nice add-on. I'm not sure if those envs (and highly scripted as some of those are, so one mask entry isn't a big deal) outweigh the general usage.
On prefix-standalone, due to the different libc, ssh can become broken, for the same reason it can be broken on macOS. So I think that having to install it after bootstrapping if you need it is a much smaller inconvenience than having to use package.provided to not have it installed, since that also affects packages that depend on ssh and may break them by forcing them to link against the host's ssh.
I think this is really only limited to linux, on macOS (as in this bugreport) the ssh provided by Gentoo is less functional, but if you don't care about the OS integration (like me) openssh certainly is an improvement. FWIW, I'm ok with removing it from @system in Prefix, I can see that it might be better to explicitly pull it in, versus getting it by default.
(In reply to Fabian Groffen from comment #8) > I think this is really only limited to linux, on macOS (as in this > bugreport) the ssh provided by Gentoo is less functional, but if you don't > care about the OS integration (like me) openssh certainly is an improvement. > > FWIW, I'm ok with removing it from @system in Prefix, I can see that it > might be better to explicitly pull it in, versus getting it by default. Same view here. But I accept that removing it is a lot easier for people who don't want the Prefix version given @system makes it a bit painful. Feel free to drop it.
When I used prefix on my iMac I also used ssh from the prefix, despite the lack of integration, but nowadays I find myself frequently getting out of the prefix to be able to use ssh (e.g. for cloning/fetching git repos with Kerberos authentication).
The bug has been closed via the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=057e999a283ac0725e7fe1d066472286c4592e84 commit 057e999a283ac0725e7fe1d066472286c4592e84 Author: Guilherme Amadio <amadio@gentoo.org> AuthorDate: 2021-06-14 12:51:38 +0000 Commit: Guilherme Amadio <amadio@gentoo.org> CommitDate: 2021-06-14 12:58:12 +0000 profiles: remove virtual/ssh from system on prefix, bug 395019 virtual/ssh is not strictly required on prefix, and on some systems the ssh from prefix might not work properly, so it's better to pull it in explicitly when needed. Closes: https://bugs.gentoo.org/395019 Signed-off-by: Guilherme Amadio <amadio@gentoo.org> profiles/features/prefix/packages | 1 + 1 file changed, 1 insertion(+)
