This file documents what each of the patches does, for the benefit of
the inquisitive:

mmap-shm.patch: linux doesn't allow anonymous shared
        mappings used to pass data between the privsep
        and normal parts of ssh. To get around this normal
        ssh creates a temporary file in /tmp and then
        mmaps this with MAP_SHARED. Obviously you can't
        do this on with EROFS so this patch uses system
        V shared memory segments to acheive the same
        result.

ncad.patch:
        makes the makefile only generate sshd
        swaps /etc/ssh to /etc/nca for all except host
        keys, prevents generation of keys in the install
        process, installs the binary sshd as ncad,
        installs ncad_config in /etc/ncad if necessary

        replaces getaddrinfo, getnameinfo, getprotobyname,
        initgroups &tc.  with versions that don't require
        the resolver, NIS or whatever to be working.

        swaps .ssh to be .nca
        
        and add ncad_config.

keepalive.patch:
        Addresses the problem of taking SSH through NAT.  Most NAT has
        a timeout of a few minutes, which is a problem for SSH since by
        default it sends keepalive packets only once an hour.
        keepalive.patch provides the following mechanisms for solving
        this problem:

         * send one byte of OOB data
         * request a pointless port forward
         * send a NONE packet
         * send an IGNORE packet
         * send a DEBUG message 
         * send an empty keyboard data packet
         * send a SIGWINCH message

        Experiments showed that a NONE packet was the most reliable of
        these, and so is the default.  (This is a patch to the SSH
        client, and is included with ncad more for the convenience of
        its author than for the utility it affords to those using
        ncad.)