[Bug 440] Protocol 1 server key generated at start up even when P1 not used
bugzilla-daemon at bugzilla.mindrot.org
bugzilla-daemon at bugzilla.mindrot.org
Tue Jan 1 01:37:18 EST 2008
https://bugzilla.mindrot.org/show_bug.cgi?id=440
Darren Tucker <dtucker at zip.com.au> changed:
What |Removed |Added
----------------------------------------------------------------------------
Attachment #1429| |ok?
Flag| |
--- Comment #7 from Darren Tucker <dtucker at zip.com.au> 2008-01-01 01:37:15 ---
Created an attachment (id=1429)
--> (http://bugzilla.mindrot.org/attachment.cgi?id=1429)
Generate ephemeral key in inetd mode only for protocol 1 connections
I took another look at this and I think I now know why the original
patch broke protocol 1 (although the patch is now a dead link, so I
can't check).
I think the generation of the ephemeral key was moved to after the
privsep split, which would mean that the key was generated in the
pre-auth privsep slave and not in the monitor where it's needed).
The attached patch fixes this and speeds up "ssh -2 server true" from
around 680 ms to 490 ms on a 1.7GHz Celeron. It passes the regress
tests, which it also speeds up by about 5% (there's lots of sleeps in
the test suite, so the speedup is not as significant).
--
Configure bugmail: https://bugzilla.mindrot.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.
More information about the openssh-bugs
mailing list