Open jas4711 opened 5 days ago
jas4711
commented
5 days ago Reading the code has a link to:
https://github.com/golang/crypto/blob/master/ssh/keys.go
Which uses this BSD-license:
https://github.com/golang/crypto/blob/master/LICENSE
I'm going to assume this is the intended "BSD-style" license, but clarifying this file would be good.
maraino
commented
3 days ago Hi @jas4711,
I added the header and the comment because I got the definition of the structure openSSHPrivateKey and the magic header from x/crypto/ssh. I did that because I needed to detect whether a key was password-protected.
In fact, I also moved those structs in x/crypto/ssh from anonymous structs to named ones. I did that because I implemented ssh.MarshalPrivateKey and ssh.MarshalPrivateKeyWithPassphrase from my own implementation of pemutil.SerializeOpenSSHPrivateKey.
I think it is safe to remove or ignore that header. I'm raising this question to confirm that I can remove the comment.
jas4711
commented
3 days ago Hi! Was any code copied? I think that is the main question if the old copyright/license has to be retained or not.
Steps to Reproduce
Hi. I'm packaging this for Debian, and we are going through license statements. The pemutil/ssh.go file begins with:
But I cannot find this file in this package. Could you add it, or at least qualify which license applies to this work? "BSD-style" is not universially unambigious, and having clear licensing matters to Debian.
Your Environment
Debian
Expected Behavior
Appropriate LICENSE file included
Actual Behavior
Appropriate LICENSE file missing
Additional Context
No response
Contributing
No response