An Analysis of the DHEat DoS Against SSH in Cloud Environments

Joseph S. Testa II jtesta at positronsecurity.com
Wed Jun 26 12:20:37 AEST 2024


On Wed, 2024-06-26 at 02:58 +0200, Thorsten Glaser wrote:
> On Tue, 25 Jun 2024, Joseph S. Testa II wrote:
> 
> > the way down to 6%!  Additionally, I noticed that the systemd-
> > journal
> 
> You should test without that thing as well. It’s reportedly a
> known bottleneck (someone on, I think, IRC said that regarding
> a different problem some days ago, incidentally).
> 
> Just use a real syslogd (inetutils-syslogd is nice, for example,
> and rsyslogd and syslog-ng both have fans), (importantly) without
> message routing through systemd-journald.


I'm primarily interested in the performance of the default case, since
the overwhelming majority of sysadmins don't modify any options in sshd
nor syslog.



More information about the openssh-unix-dev mailing list