OESF Portables Forum

Everything Else => Zaurus Distro Support and Discussion => Distros, Development, and Model Specific Forums => Archived Forums => Angstrom & OpenZaurus => Topic started by: bluey on June 07, 2004, 01:42:39 am

Title: One word: disable sshd! (erm...)
Post by: bluey on June 07, 2004, 01:42:39 am

If you don\'t use it, disable it by default and add a desktop icon to enable it, better yet, move it to inetd if you really need it always on.

I noticed a huge boost in performance when sshd is disabled... even on apps using the compat libs, and even on opera, it starts to that sharp page in 4/5 seconds... (opera 6).

Try it.

Title: One word: disable sshd! (erm...)
Post by: x86Daddy on June 08, 2004, 02:29:05 pm

Which method did you use to disable?  Remove the link in rc2.d?

Title: One word: disable sshd! (erm...)
Post by: bluey on June 08, 2004, 07:53:24 pm

The ssh init script has a hack to disable it without doing it, the only problem with that hack, is that you can\'t use the init script to start it later... it works by creating a file he tests for and if exists he exits the script...

The best way would be to delete the link, or rename it, so it doesn\'t start with a S, adding a dot \".\" to the beggining should suffice.

I said this, but sometimes things slow down again, other times they\'re ok... I\'ll be testing a bit more to find out what\'s happening.

One thing I think should be changed is the way opie gets started... script which calls script to call the script that call the script which calls the script that... There should be a script which starts opie, so there wasn\'t 2 ou 3 sessions of busybox running (well, maybe one... shared memory and stuff...)... Well, they should know what they\'re doing, I\'m just talking.

Title: One word: disable sshd! (erm...)
Post by: bluey on June 08, 2004, 07:56:20 pm

I noticed a speed up when stopping the ssh daemon, tell me if it works with you, could\'ve been another thing, and my comment turns null, which I\'ll point out if I find it really is another thing...

Maybe this is why there\'s the intention to move to dropbear instead of openssh(d)...

Title: One word: disable sshd! (erm...)
Post by: edbarrett on June 25, 2004, 01:34:49 pm

Quote

The best way would be to delete the link, or rename it, so it doesn't start with a S, adding a dot "." to the beggining should suffice.

The standard way to do this is to change the S to a K, so a

Code: [Select]

# mv S20ssh K20ssh
should suffice.

Title: One word: disable sshd! (erm...)
Post by: bluedevils on June 25, 2004, 02:01:09 pm

Each to their own, but the standard I was taught was S to an s.  If it was properly implemented there should be a K representation already there.

Title: One word: disable sshd! (erm...)
Post by: bigj on June 25, 2004, 03:28:35 pm

Quote

Each to their own, but the standard I was taught was S to an s.  If it was properly implemented there should be a K representation already there.

Proper implementation is having reboot/shutdown scripts located in either rc.6 (reboot) or rc.0 (shutdown).

bigj

Title: One word: disable sshd! (erm...)
Post by: bluedevils on June 25, 2004, 03:51:25 pm

and every rc below the highest operating status.  These are the kill scripts that would bring you down to init 1 from init 3 and so on.......They should not just be in 0 and 6

Title: One word: disable sshd! (erm...)
Post by: bluedevils on June 25, 2004, 04:00:17 pm

BTW  sshd on the outdated tkcrom has it in inetd.  I wonder how the cacko and pdaxrom have implemented it.

Title: One word: disable sshd! (erm...)
Post by: Stubear on June 25, 2004, 11:33:17 pm

Adding ssh to inetd.conf is the best option in my opinion, then it only runs when it is needed and for as
long as it is needed.

No more sucking of resources when you Z aint connected to anything (unless you like sshing from the konsole to 127.0.0.1 )

Add the following to inetd.conf

Code: [Select]

#sshd support added below
ssh stream  tcp nowait  root    /usr/sbin/sshd sshd -i -q -f /etc/ssh/sshd_config
You will need to restart inetd and shutdown ssh, but from now on sshd only runs when needed.

Stu

Title: One word: disable sshd! (erm...)
Post by: Pyrates on June 26, 2004, 06:17:57 am

Stubear, are you sure this is working? I put that line into my inetd.conf, restartet inetd and killed sshd. But now I can't ssh into my Z, its "ssh: connect to host zaurus port 22: Connection refused". I think I remember trying to run sshd from inetd on my router, but eventually gave up. Can anybody help me here? I don't know how to find out what's wrong... Thanks for any help

Cheers
Philipp

Title: One word: disable sshd! (erm...)
Post by: Stubear on June 26, 2004, 09:24:12 am

Quote

Stubear, are you sure this is working? I put that line into my inetd.conf, restartet inetd and killed sshd. But now I can't ssh into my Z, its "ssh: connect to host zaurus port 22: Connection refused". I think I remember trying to run sshd from inetd on my router, but eventually gave up. Can anybody help me here? I don't know how to find out what's wrong... Thanks for any help

Cheers
Philipp

Yep, been doing it this way since I got my Z in August last year.

For some reason the first time I installed ssh (and again when I was trying out the Cacko rom) I had to run sshd from the command line as root. Just type "sshd", it should give you the prompt back automatically, from then on it works from inetd.

You may want to check that the paths in the string I gave match the paths to sshd and sshd_config

Stu