Perhaps SuSE could set up an advocacy list so this doesn't clutter up the security list?
I'll forward it to the right people.
As far as SSH packaging goes is there any reason to NOT split it up to client and server? It makes sense to me. Is there any compelling reason to NOT split it up?
I need a reason _for_ it in the first place. How about START_SSHD=no in /etc/rc.config, or rm /sbin/init.d/sshd /usr/sbin/sshd* /sbin/rcsshd ? The secure shell daemon is ran at boot time per default intentionally. Reason: ssh is the only way to access a freshly installed machine remotely. We find that this makes sense.
Kurt Seifried, seifried@securityportal.com SecurityPortal - your focal point for security on the 'net
Thanks, Roman. -- - - | Roman Drahtmüller <draht@suse.de> // "Caution: Cape does | SuSE GmbH - Security Phone: // not enable user to fly." | Nürnberg, Germany +49-911-740530 // (Batman Costume warning label) | - -