Date: Thu, 11 Apr 2002 11:56:00 +0100 (BST) From: Jan Grant <Jan.Grant@bristol.ac.uk> To: Stephen Hoover <shooverfbn@442spot.com> Cc: FreeBSD Questions <freebsd-questions@freebsd.org> Subject: Re: sshd & tcp wrappers - bad idea? Message-ID: <Pine.GSO.4.44.0204111152010.17335-100000@mail.ilrt.bris.ac.uk> In-Reply-To: <LKEGLDFEGPHGICLNAALGMEOFCFAA.shooverfbn@442spot.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Wed, 10 Apr 2002, Stephen Hoover wrote: > I just recently started playing with tcp wrappers and I noticed in the > config file it says: > > "Wrapping sshd(8) is not normally a good idea..." > > I was just wondering why that is... sshd does some fairly intensive calculations when it starts up in order to generate some random keys. Over time, it will regenerate these; however, if you stick it inside inetd rather than running standalone, it'll do all the work for every connection. This takes time and can exhaust the entropy pool. jan -- jan grant, ILRT, University of Bristol. http://www.ilrt.bris.ac.uk/ Tel +44(0)117 9287088 Fax +44 (0)117 9287112 RFC822 jan.grant@bris.ac.uk Strive to live every day as though it was last Wednesday. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.GSO.4.44.0204111152010.17335-100000>