Hi, On Fri, Mar 27, 2015 at 03:02:05PM +0100, Hubert Kario wrote: > > > * - where "support" means that either you have other people responsible > > > for > > > fixing it or that you can hire other people to fix it as the need arises > > > > Try opening a case with HP that their ILO is broken and stupid, and they > > will happily sell you a new machine with a less broken ILO (or "differently" > > broken), but not do stuff like "add sane ciphers to an ILO2". Same for > > Cisco - of course you can buy a new machine with SSHv2, but for the old > > one, they will do hardware replacement if it breaks, but no "new features > > in the software"... > > then vote with your wallet > > as long as you keep buying broken hardware, they will keep selling broken > hardware There's the thing about "primary functions" and "secondary functions". For a server, ILO/IPMI is a secondary function, and no sane company is going to buy something that is less good at it's primary function just to get something better for secondary functions. Besides, *all* the remote management solutions are total sh*t, like "most IPMIs happily giving anyone who asks a full list of accounts + passwords" and stuff like that - so ILO is actually among the better ones. For a router, things like "forwarding plane and routing protocol support" and "user interface that the people running the network know how to operate *and debug*" are critical elements, while "SSHv2" or "SSH with pub key authentication" are definitely nice-to-haves, but won't make anyone switch vendors. > > Yes, it would be so cool if we could just pay someone to put Linux on > > our routing gear and give us a SSHv2 server (without breaking the functions > > that the device is important for, like "routing"). Right. > > Linux can work as a router. And nowadays most of network appliances are just > regular x86 PCs with nice GUI on top. Won't particularily help if that appliance comes as a bundle, and you do not get the keys (metaphorically speaking) to replace individual parts of the system... gert -- USENET is *not* the non-clickable part of WWW! //www.muc.de/~gert/ Gert Doering - Munich, Germany gert@xxxxxxxxxxxxxx fax: +49-89-35655025 gert@xxxxxxxxxxxxxxxxxxxxxxxxxxxxx _______________________________________________ openssh-unix-dev mailing list openssh-unix-dev@xxxxxxxxxxx https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev