Test snapshot

douglas.manton at uk.ibm.com douglas.manton at uk.ibm.com
Wed Aug 23 23:21:10 EST 2000 


Damien,

Compiles and installs cleanly under AIX 4.3.3 (latest patchlevel) with
IBM's latest C++ compiler.

The fixprogs script take forever on install -- I narrowed this down to
"ipcs -a" on my very busy RS/6000 taking about five minutes to complete.
Dropped this from ssh_prng_cmds.in and all is well.

I refreshed sshd, kicked in the new ssh-agent, loaded my DSA and RSA keys
and tried a local connection.  Connecting with protocol 1.5 seems okay.
Connecting with protocol 2 takes an age and once connected the performance
reminds me of my first ever dot-matix printer -- about 10 minutes per page.
Retrying without the agent does not improve the matter, nor does password
authentication.  I have also tried switching session encryption from 3des
to blowfish.  Connecting to my server from SecureCRT shows the same
symptoms.

Compiled with:

    CFLAGS="-qlanglvl=extended -qcpluscmt -O2" ./configure --prefix=/usr
    --sysconfdir=/etc/ssh --without-pam --with-ipaddr-display
--with-ipv4-default

Reports:

    OpenSSH configured has been configured with the following options.
                 User binaries: /usr/bin
               System binaries: /usr/sbin
           Configuration files: /etc/ssh
               Askpass program: /usr/libexec/ssh/ssh-askpass
                  Manual pages: /usr/man/catX
                      PID file: /var/run
      Random number collection: Builtin (timeout 200)
                Manpage format: cat
                   PAM support: disabled
            KerberosIV support: no
                   AFS support: no
                 S/KEY support: no
          TCP Wrappers support: no
          MD5 password support: no
   IP address in $DISPLAY hack: yes
      Use IPv4 by default hack: yes
       Translate v4 in v6 hack: no

    Compiler flags: -qlanglvl=extended -qcpluscmt -O2 -I/usr/local/include
    Linker flags:  -L/usr/local/lib -blibpath:/usr/lib:/lib:/usr/local/lib
    Libraries: -lnsl -lz  -lcrypto

Changing the random number timeout to 100 does not appear to make any
difference.

Lots of good work has gone into this project -- I think I speak for
everyone when I say "thank-you" to all who have contributed.

Many thanks,
--------------------------------------------------------
 Doug Manton, AT&T EMEA Firewall and Security Solutions

                    demanton at att.com
--------------------------------------------------------
"If privacy is outlawed, only outlaws will have privacy"

More information about the openssh-unix-dev mailing list