From owner-freebsd-security Sun Sep 13 01:47:23 1998 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id BAA03976 for freebsd-security-outgoing; Sun, 13 Sep 1998 01:47:23 -0700 (PDT) (envelope-from owner-freebsd-security@FreeBSD.ORG) Received: from verdi.nethelp.no (verdi.nethelp.no [158.36.41.162]) by hub.freebsd.org (8.8.8/8.8.8) with SMTP id BAA03971 for ; Sun, 13 Sep 1998 01:47:20 -0700 (PDT) (envelope-from sthaug@nethelp.no) From: sthaug@nethelp.no Received: (qmail 20634 invoked by uid 1001); 13 Sep 1998 08:47:06 +0000 (GMT) To: marquis@roble.com Cc: freebsd-security@FreeBSD.ORG Subject: Re: sshd In-Reply-To: Your message of "Sat, 12 Sep 1998 19:59:58 -0700 (PDT)" References: X-Mailer: Mew version 1.05+ on Emacs 19.34.2 Mime-Version: 1.0 Content-Type: Text/Plain; charset=us-ascii Date: Sun, 13 Sep 1998 10:47:06 +0200 Message-ID: <20632.905676426@verdi.nethelp.no> Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org > If you're running inetd then it doesn't seem consistent to start > daemons that don't need to run all the time from startup scripts. > Inetd was designed to conserve memory. If you have it why not use it? > /etc/inetd.conf is also a common place to implement access control (via > tcp_wrappers). But I *do* need sshd all the time :-) Starting it from inetd might make sense if this is a host you login to very rarely. > Other than that I've frequently run into situations where keepalives > had to be turned off. In those cases ssh sessions invariably die and > their daemons have to be killed-off by hand (kill ). As it is > difficult to tell the original daemon from the child daemons it's also > easy to accidentally kill the parent. Not really. "cat /var/run/sshd.pid" tells you the pid of the parent. Steinar Haug, Nethelp consulting, sthaug@nethelp.no To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message