A question about OpenSSH_3.4p1 on Solaris 8

Ben Lindstrom mouring at etoh.eviladmin.org
Sat Oct 26 01:53:38 EST 2002



On Fri, 25 Oct 2002, Roger Wang wrote:

> Ben, thanks for the reply.
>
> What made me curious is there is only one "sshd"
> daemon generated for commecial SSH - I'm testing both
> commecial SSH and openSSH.
>

The reason is the commerical version of ssh lumps all root critical and
non root critical code into one process.  They step up or down the
security as they need it.   In the past such designs have proven that any
slighest buffer overflow or bad coding can/will cause a comprised server.

> Appreciate if you can give more input on this. I have
> concern about the performance impact of "sshd".
>

Never benchmarked it.. But I see one BSD server I connect to has 33 people
on it and who knows what else is running on it.  It seems to be doing
very well (0.33 load or less).  Not dead sure what hardware, but I know it
is intel and not multiple processors.

- Ben




More information about the openssh-unix-dev mailing list