On Wed, 15 Dec 2004, Matthias Andree wrote: > On Wed, 15 Dec 2004, Andre Guibert de Bruet wrote: > >> You realize that you're advocating a statically linked sshd in /rescue, >> right? :-) > > Dropbear is a smaller SSH implementation than the fully-fledged OpenSSH. > Only tried it on Linux so far, and that was a year ago. It appears to > ship with some SSL stuff built-in, and it doesn't need much besides a > host-key (generator is in the dropbear package) and /dev/random or > something. Dropbear appears to be put together from many pieces, all of which seem to carry a BSD-compatible license (IANAL etc etc). It is currently in ports (security/dropbear) and the built, stripped binary appear to "only" be 53K smaller than the OpenSSH one. Because an sshd is a network daemon, security is of course a concern -- Is the 53K of saved space in /rescue (But additional space somewhere else for the convert and key utilities) worth the hassles of tracking upstream distributions of two seperate sshds? I personally tend to think not, but I'm open for comments on this one. I get my numbers from the following: bling# ls -l dropbear* | grep r-x -rwxr-xr-x 1 root wheel 126688 Dec 16 00:21 dropbear -rwxr-xr-x 1 root wheel 134060 Dec 16 00:21 dropbearconvert -rwxr-xr-x 1 root wheel 134928 Dec 16 00:21 dropbearkey bling# ls -l /usr/sbin/sshd -r-xr-xr-x 1 root wheel 179952 Dec 9 20:24 /usr/sbin/sshd >> I've always wanted a network recovery mode, and am currently looking into >> implementing such a beast (For racks devoid of serial console muxers and >> annoying jungles of kvm wires, for example). > > Or when there's insufficient documentation on how to get the LOM client > to work under Linux/Solaris/*BSD... I hear you loud and clear on this one! Regards, Andy | Andre Guibert de Bruet | Enterprise Software Consultant > | Silicon Landmark, LLC. | http://siliconlandmark.com/ >Received on Thu Dec 16 2004 - 04:40:32 UTC
This archive was generated by hypermail 2.4.0 : Wed May 19 2021 - 11:38:24 UTC