I'm not sure how that would make any difference at all.  The problem is
that it's hard for sshd to maintain the necessary state across multiple
invocations when it's being invoked once per connection rather than
having a master process that can trivially keep track of all the
inter-connection state it needs.

Persisting the necessary state in the filesystem somewhere would no
doubt be in principle possible, but would require careful locking and
such, and would add more code to the pre-authentication attack surface.
Upstream is in general very cautious about such changes, and I think
rightly so.  AFAICS even Fedora doesn't do this yet, and one would
normally expect them to be enthusiastic about pushing for
systemd-specific enhancements.

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1576353

Title:
  Install openssh-server with disabled password auth by default on
  servers
