I had the hardest time figuring out why some ecdsa stuff wasn't working with openssh, it was only some research later that I finally found out the ebuild was disabling the ecdsa in the init script itself. Therefore, I'd recommend an one-line output to the ebuild if openssl[binist] is being used. Something like this: Index: openssh-5.9_p1-r3.ebuild =================================================================== RCS file: /var/cvsroot/gentoo-x86/net-misc/openssh/openssh-5.9_p1-r3.ebuild,v retrieving revision 1.5 diff -u -r1.5 openssh-5.9_p1-r3.ebuild --- openssh-5.9_p1-r3.ebuild 14 Dec 2011 19:52:12 -0000 1.5 +++ openssh-5.9_p1-r3.ebuild 6 Feb 2012 18:48:50 -0000 @@ -182,6 +182,7 @@ # not all openssl installs support ecc, or are functional #352645 if ! grep -q '#define OPENSSL_HAS_ECC 1' config.h ; then + elog "dev-libs/openssl was built with 'bindist' - disabling ecdsa support" dosed 's:&& gen_key ecdsa::' /etc/init.d/sshd || die fi
looks fine -- feel free to commit
done, thx