Mailing List Archive

Support open source code!


[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Telnet/ssh connection refused



On Mon, Dec 11, 2000 at 11:45:31AM +0900, Antony Stace wrote:

> i currently have it starting as a /etc/rc.d/rc3.d script, is this the
> say to go?

Yes.  Run sshd as a daemon.

> whats wrong with having it in /etc/inet.d.conf?

Well, for instance, if you run it out of inetd it will pause to generate
the session key each and every time you connect.

Reference: http://www.employees.org/~satch/ssh/faq/ssh-faq-4.html#ss4.6

Additional reasons: running it out of inetd duplicates most of the host
restriction directives in sshd2_config (assuming an inetd that is using
tcpwrappers -- if your site isn't, you _will_ be cracked), resulting
in even more startup delays and the possibility of really weird configuration
errors.

Lastly, I've personally seen sshd misbehave when run out of inetd.  If your
ssh client displays "Illegal protocol version" or "Garbage at the end of
session", you've juyst seen the bug.

-- Chris


Home | Main Index | Thread Index

Home Page Mailing List Linux and Japan TLUG Members Links