On 4/23/20 10:14 AM, Andre McCurdy wrote: > On Thu, Apr 23, 2020 at 1:30 AM Alex Kiernan <[email protected]> wrote: >> On Wed, Apr 22, 2020 at 7:48 PM Andre McCurdy <[email protected]> wrote: >>> On Wed, Apr 22, 2020 at 6:52 AM Alex Kiernan <[email protected]> wrote: >>>> >>>> sshd.socket launches the templated [email protected], so by moving the >>>> sshdgenkeys.service to sshd.socket, key generation can start in advance >>>> of a connection. >>> >>> Is deferring key generation until the first connection a bug or by design? >> >> If you've installed it, presumably you're expecting connections. But I >> agree you could argue it either way. > > The trade off is between slower first boot (or every boot for > read-only rootfs if host keys are not persistent) -vs- slower first > incoming ssh connection. > > Since the first incoming ssh connection may never happen (especially > if ssh is only used for debugging or development), optimising it at > the expense of boot time doesn't seem to be an obvious improvement. >
I tend to agree. Perhaps it could be covered under read-only-rootfs DISTRO_FEATURE > > >
signature.asc
Description: OpenPGP digital signature
-=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#137453): https://lists.openembedded.org/g/openembedded-core/message/137453 Mute This Topic: https://lists.openembedded.org/mt/73195919/21656 Group Owner: [email protected] Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [[email protected]] -=-=-=-=-=-=-=-=-=-=-=-
