On Sat, Apr 26, 2014 at 12:14 PM, Nico Kadel-Garcia <nkadel@xxxxxxxxx>wrote: > > Isn't it significantly more efficient to allow sshd to do its own > forks, rather than doing 'ssd -D' sshd -i > and having one new daemon running > for every connection? In the common case, probably not, since sshd re-execs itself on each connection (using a lot of code originally for -i) to provide randomization of the runtime environment (ASLR and such). Protocol 1 connections will need to generate an ephemeral server key so they'll probably be noticeably slower. -- Darren Tucker (dtucker at zip.com.au) GPG key 8FF4FA69 / D9A3 86E9 7EEE AF4B B2D4 37C9 C982 80C7 8FF4 FA69 Good judgement comes with experience. Unfortunately, the experience usually comes from bad judgement. _______________________________________________ openssh-unix-dev mailing list openssh-unix-dev@xxxxxxxxxxx https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev