On Mon, Nov 28, 2005 at 06:10:17PM -0800, pete wright wrote:
> support lisc. for legal issues. If the software goes tit's up and
> costs the company N dollar's it is easier to get that money from a
> commercial entity whom you have a contract with (or more likely get
> money via a insurance broker of some sort). At least that's the best
anyone heard of this happening or heard even a rumour of this ever
On 11/28/05, Paul Pruett <[hidden email]> wrote:
> omg what a load of ****,
> to funny, any coporation stupid enough to fall for that story
> by ssh to buy Tectia ssh and not use openssh deserves to be
> taken for $$$$ plus the security issues they will get.
That's because there's a huge number of "cover my ass" type people at work
in key positions. If they can't buy "support", they won't use it, at least
officially. I had proposed making openssh a standard at a Fortune 100
company. The director of security turned it down for 1.5 years, because of
"support". I was told to evaluate ssh. I asked them for a quote. They
quoted me list price. I laughed in their face, and asked for a serious
price. It still came to over a couple of million for an "enterprise
solution". Told them if they wanted serious consideration, they had better
not waste my time. Finally got a reasonable price by the director's
In the end, I managed to prevail and got openssh set as the standard, but
had to find 3 "key" people to support ssh. Had to write documentation,
which basically was something along the lines of:
Username: <enter username>
Password: <enter password>
Username: <enter username>
Password: <enter password>
Some advanced users may wish to explore features such as the "-l" flag or
even using keys. Read the man pages for more details.
On Tue, 29 Nov 2005 19:19:01 -0800
Sean Comeau <[hidden email]> spake:
> On Mon, Nov 28, 2005 at 06:10:17PM -0800, pete wright wrote:
> > support lisc. for legal issues. If the software goes tit's up and
> > costs the company N dollar's it is easier to get that money from a
> > commercial entity whom you have a contract with (or more likely get
> > money via a insurance broker of some sort). At least that's the best
> anyone heard of this happening or heard even a rumour of this ever
I've heard of it happening, but do not remember anything ever coming of
any of them... probably quietly and confidentially settled if anything
- otherwise thrown out of court.
I've often heard the "support" argument raised... But having spent
some quality time with support from large companies, I really have to
say I overall tend to get better support from the web and open source
communities. Heh, we used to make little paper cutouts of the support
people we were dealing with and put them around the speaker with little
captions next to them saying "time is money", "I'm an idiot", etc..
Ah good times.
Director of Internet Technology
On Tue, Nov 29, 2005 at 06:12:29PM -0600, Qv6 wrote:
> Has any company ever approached the openssh dev team and offered to buy
> a support contract from them? Did they refuse?
> Come to think of it, why doesn't the openssh team sell support contracts
> to companies that want it? Or maybe they already do.
You don't need to be an official OpenSSH developer to start a company
that supports OpenSSH.
Start one that focuses on it. Hell, www.opensshsupport.com is even
On 11/30/05, Clint M. Sand <[hidden email]> wrote:
> Start one that focuses on it. Hell, www.opensshsupport.com is even
> I bet some of these companies already support this in some capacity
> http://www.openbsd.org/support.html >
> Less complaining, more doing.
You don't understand the mentality of the morons who must have "support".
It's not support they want, it's a fee that they want to pay to assuage
Your piddly little company is not a real company, not like Computer
Associates or McAfee or Nortons or Microsoft. Now, those are _REAL_
Once you can understand that mindset, then you can understand why people
want/need support for some things like openssh.
Now, if _I_ were to open an openssh support shop, I'll make sure that a
portion of the profits go back to OpenSSH (or heck, hire some folks to work
on openssh/openbsd), but would you want to buy a support contract from me?
On Wed, 30 Nov 2005 19:37:48 -0500
Steve Shockley <[hidden email]> wrote:
> Like HP? Of course, I wouldn't pay for their level of OpenSSH "support".
The level of support, or lack thereof, is not issue. It's not really about
getting any kind of support at all.
It's all about (middle) management covering their backs and making sure
there's someone outside the company to blame when the shit hits the fan.
You pay someone to be your scapegoat.
It's a sad state of affairs but that's how it often is.
> On Wed, 30 Nov 2005 19:37:48 -0500
> Steve Shockley <[hidden email]> wrote:
>>Like HP? Of course, I wouldn't pay for their level of OpenSSH "support".
> The level of support, or lack thereof, is not issue. It's not really about
> getting any kind of support at all.
> It's all about (middle) management covering their backs and making sure
> there's someone outside the company to blame when the shit hits the fan.
> You pay someone to be your scapegoat.
> It's a sad state of affairs but that's how it often is.
I do not mean to insult anyone but I just want to chime in here and say
that even though I am very grateful to have OpenSSH, SSH.com's product
is not bad.
The commercial version supports a lot of different complex environments,
does more and therefore costs more. For example, there might be many
here who may not want X.509 certs in LDAP/OCSP for network
authentication but there are sites that do. Overall, SSH.coms' support
is good and their product rock solid (the same for OpenSSH).