[ale] Inetd Setup Question on RH6.2
Bob's ALE Mail
transam at cavu.com
Sat Dec 9 22:55:11 EST 2000
James Kinney <jkinney at localnetsolutions.com> wrote:
> Redhat 6.2 does not have ssh at all. So their inetd.conf file does not
> support it "out of the box". There are pro and con's to running sshd from
> inetd. Most of the con's have to do with startup speed of the new thread
> to handle an incomming request for connection. If you use the openssh
> rpm's, they will install an /etc/rc.d/init.d/sshd init script for starting
> and stoping based on run levels. This is a great way to run sshd.
A really big con to invoking ssh from inetd is that it causes you to have
to trust two more programs that could have Trojans added, inetd and
inetd.conf. These are prime targets for crackers and they then can invoke a
Trojaned version of sshd (in a different location so that Tripwire or
equivalent will not notice) that suck up your password. True, if someone has
root access he can replace sshd as well but that seems less likely.
> ...
Bob Toxen
--
To unsubscribe: mail majordomo at ale.org with "unsubscribe ale" in message body.
More information about the Ale
mailing list