how can I reduce binary size of sshd?

Damien Miller djm at
Thu Mar 1 11:45:47 EST 2001

On Wed, 28 Feb 2001, Vikas Dewan wrote:

> Yes, I mean both ssl & ssh, I took out rsa, idea and rc5 from crypto
> ssl. SSHv1 and X11 code from openSSH, but I am thriving for more,
> without impacting most of ssh clients.  Also studying the impact of
> taking out x509 certification stuff. Any idea?

This is what we pull in from the OpenSSL headers. It may be a
rough guide to what we use:

#include <openssl/bio.h>
#include <openssl/blowfish.h>
#include <openssl/bn.h>
#include <openssl/cast.h>
#include <openssl/crypto.h>
#include <openssl/des.h>
#include <openssl/dh.h>
#include <openssl/dsa.h>
#include <openssl/err.h>
#include <openssl/evp.h>
#include <openssl/hmac.h>
#include <openssl/md5.h>
#include <openssl/pem.h>
#include <openssl/rand.h>
#include <openssl/rc4.h>
#include <openssl/rsa.h>
#include <openssl/sha.h>

Note that quite a few of the OpenSSL files have #define controlled
space/time optimisation tradeoffs (e.g the loop unrolling in the RC4


| Damien Miller <djm at> \ ``E-mail attachments are the poor man's
|          /   distributed filesystem'' - Dan Geer

More information about the openssh-unix-dev mailing list