On 7 Mar 2024, at 20:08, Emil Kronborg via lists.openembedded.org <emil.kronborg=protonmail....@lists.openembedded.org> wrote: > > Socket activation is prone to DoS (denial of service) because too many > connections will permanently deactivate sshd.socket [1]. Also, since > socket units do not allow setting Restart, accepting new connections can > fail due to, for example, OOM (out of memory) [2]. Therefore, it seems > more sensible to use sshd.service by default and let sshd.socket be an > optional choice.
Counter-argument: this is why it’s a PACKAGECONFIG, and socket activation has the advantage that it makes boots faster. If DoS is a concern, then the distro can switch trivially to service activated. Ross
-=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#197144): https://lists.openembedded.org/g/openembedded-core/message/197144 Mute This Topic: https://lists.openembedded.org/mt/104795507/21656 Group Owner: openembedded-core+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
