workaround for VMware WS NAT bug triggered by OpenSSH 7.8p1 changes
Enji Cooper
yaneurabeya at gmail.com
Sun Dec 23 01:58:45 UTC 2018
> On Dec 22, 2018, at 1:03 PM, Cy Schubert <Cy.Schubert at cschubert.com> wrote:
…
> Regarding the Red Hat bugzilla bug, looks like they're doing the right
> thing by reaching out to VMware. This should be our position as well.
> Add it to ssh_config or sshd_config if one must but have VMware fix
> their bugs. Putting workarounds in our O/S to work around a bug in some
> other vendor's virtualization is something I don't support. If we must
> add the #ifdefs to our ssh, then add an UPDATING entry to say that to
> enable it put VMWARE_GUEST_WORKAROUND or however we choose to enable it
> in src.conf.
This is the reason why I CCed mp@ :).. Mark works for VMware (I worked with him a bit when I was at Isilon).
…
> We, FreeBSD, should try to open a ticket or reach out to VMware to add
> a +1 to the issue that RH has already opened. This is the right thing
> to do. In this case we should consider ourselves an O/S vendor too,
> which BTW we are.
Yes, but unless there’s a champion internal to the project driving this, it’s up to individual users to drive the bug report/fix. If, however, there were regular regression tests run with VMware (and this can be done with pyvmomi/paramiko, etc), then we the project could provide this guarantee to VMware and vice versa if VMware invested the time in making this so--which I thought they did with 10.x… but if they don’t have an easy way to verify changes, there’s a bit of a chicken and egg problem.
> BTW the 2018-11-08 entry in the RH bug talks about adding the
> workaround to sshd_config.
… which is what I did instead of making the code change.
Thanks so very much for the patch and (more importantly) for the discussion/solution Yuri!! I really appreciate your unblocking me.
Cheers,
-Enji
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: Message signed with OpenPGP
URL: <http://lists.freebsd.org/pipermail/freebsd-current/attachments/20181222/f43cd238/attachment.sig>
More information about the freebsd-current
mailing list