AI models don’t really 'get' the BSDs.

The policy postulation is ponderous! I dunno if or what BSD projects might adopt with regard to such things, but it's interesting food for thought!

The net-negative perspective kind of goes with the territory of being involved with less popular projects, but I've already been in these sorts of XKCD situations: https://xkcd.com/979/

Though it can be vaguely hilarious to google (back before that became its own A"I" minefield) something, and find a post, where I was the only one banging my head against an issue (or providing some vague solution, that others apparently hadn't improved upon in the ensuing years).

CC: @stefano@bsd.cafe

IMHO, it's kind of a ray of hope that BSDs are (for now at least) relatively immune to A"I" BS?

CC: @stefano@bsd.cafe

I submitted a Pull Request to update MacPorts' OpenSSH to 10.1p1 here:

https://github.com/macports/macports-ports/pull/28592

GitHub Continuous Integration checks passed OK!

Alas, the agent.patch that iamGavinJ had created, doesn't apply cleanly, in large part because ssh-agent.c has been reworked significantly with this release.

Subsequently, I closed this previous Pull Request: https://github.com/macports/macports-ports/pull/28592 not because I didn't want to restore that functionality to launchd, but because it will require more effort than I can give such things at this time.

But, check out these improvements to ssh-agent from the OpenSSH 10.1 release notes:

"ssh-agent(1)](https://man.openbsd.org/ssh-agent.1), sshd(8): move agent listener sockets from /tmp to
under ~/.ssh/agent for both ssh-agent(1) and forwarded sockets
in sshd(8).

This ensures processes that have restricted filesystem access
that includes /tmp do not ambiently have the ability to use keys
in an agent.

Moving the default directory has the consequence that the OS will
no longer clean up stale agent sockets, so ssh-agent now gains
this ability.

To support $HOME on NFS, the socket path includes a truncated
hash of the hostname. ssh-agent will, by default, only clean up
sockets from the same hostname.

ssh-agent(1) gains some new flags: -U suppresses the automatic
cleanup of stale sockets when it starts. -u forces a cleanup
without keeping a running agent, -uu forces a cleanup that ignores
the hostname. -T makes ssh-agent put the socket back in /tmp."

Anyway, I updated this as well:

https://trac.macports.org/ticket/72482

I should probably actually close this ticket now that I think of it (fingers crossed that adding that to the PR is sufficient, since I forgot to add that note to the commit message as is typically preferred: https://trac.macports.org/ticket/73084).

#OpenSSH #MacPorts #SecureShell #macOS #encryption #security #infosec