Comment 40 for bug 16918

On Thu, Feb 11, 2010 at 12:42:35AM -0000, J. Javier Maestro wrote:
> Can't anyone follow the suggestion of creating an extra openssh-
> smartcard-opensc and openssh-smartcard-pkcs11 that would use the opensc
> flag or the pkcs11 patch mentioned in this bug?
>
> If there is no serious reason to avoid it, why is this bug open since
> 2005??? Come on! An experienced Debian / Ubuntu developer could have
> done the package in no time at all!

There was a serious reason, even if you don't agree with it -
combinatorial package explosion for each possible option is not a good
thing, and in the long run it creates confusion. "Oh, I just needed to
install openssh-smartcard-opensc-hap-krb5-noavahi and then it all
worked." This is the sort of thing that experienced Debian/Ubuntu
developers learn to think about, because they have the experience of
painting themselves into corners in the past and then having trouble
getting themselves (and their users) out of it.

Fortunately, upstream's smartcard support has been overhauled to use
dynamically loaded PKCS#11 tokens. In the packages of OpenSSH 5.4
(Lucid+1, I'm afraid), we'll be able to have this enabled by default,
which will fix this long-standing bug.