Please package openssh with LPK patch

This patch is very useful for people running on LDAP infrastructure. It allows us to keep authorized_keys in LDAP instead of files on individual machines. It would be very useful to have this patch either in the default openssh-server, or a special version of that package. It is currently an option on Gentoo at least. Thanks!

For more details see:

http://dev.inversepath.com/trac/openssh-lpk
http://blog.fupps.com/2006/03/02/ssh-public-keys-from-ldap/
http://dev.inversepath.com/openssh-lpk/ldap_fosdem_2006.pdf

Somebody really needs to submit this patch upstream. It's pretty massive and I can't find any mention of it on openssh-unix-dev at all. It also adds new configuration options; I've been bitten in the past by integrating third-party patches that upstream then chooses to integrate using different option names, and so I now have a general policy of not integrating patches that add configuration options in order to avoid having to carry any more compatibility code around until the end of time. (I have made the occasional exception for ones that have been quite thoroughly discussed upstream and are gradually being merged, such as the Kerberos patch.)

I have no objection to the patch as such (not having read it in enough detail), but in my experience adding this sort of OpenSSH patch just to distros and not upstream is asking for trouble down the line and I'd rather avoid it.

I agree, Colin.

If the request has been made upstream, this one should be closed, IMHO.

There's no real reason to close it (somebody else will just reopen it), but I've linked it to the upstream bug.