On Mon, 2003-03-31 at 14:51, Vincent Danen wrote:
> On Mon Mar 31, 2003 at 05:20:23PM -0500, Kwan Lowe wrote:
>
> > > You need to actually start openssh... installing the rpm doesn't
> > > automagically start it after you install the rpm. You have to "service sshd
> > > start" and then it will create the keys if they don't exist.
> > >
> > OK I see what happened...
> > The package created both an xinetd and standalone version of the run
> > scripts. The standalone version functions correctly. When started via
> > xinetd it does not create the keys.
>
> Wonderful... I love it when people change my packages without informing me.
> Why ssh is running out of xinetd is beyond me.
>
> Thierry, is there a reason why we want/need openssh to run out of xinetd?
> That just seems silly to me.
Honestly I didn't think it was possible... hmmmm but shure as shoot.
/etc/xinetd.d/sshd-xinetd does exist. I thought the d in sshd meant
daemon..... oh never mind. The interesting thing is is that the server
listed is sshd with a -i option.
>From the man page.
-i Specifies that sshd is being run from inetd. sshd is
normally not run from inetd because it needs to generate
the server key before it can respond to the client, and
this may take tens of seconds. Clients would have to wait
too long if the key was regenerated every time. However,
with small key sizes (e.g., 512) using sshd from inetd may
be feasible.
>From what I can see it should regen the key everytime it runs and only
when it runs. So not having a key on the box would be normal. Wouldn't
this really muck up RSA authentication and key checking?
James
Want to buy your Pack or Services from MandrakeSoft?
Go to http://www.mandrakestore.com
