I think we are possibly interested in switching to DIRECT IO (given that it bypasses any caching system including page cache) when reading *.PEM file
Sorry, but this makes no sense. The data could just as well be read from the SSH process memory space. Direct IO has some additional complexity; this may well be avoided. It makes *zero* sense to panic now and start "hardening" [which direct IO wouldn't even be!] individual programs - if separate memory spaces are not available, "all hope is lost". _______________________________________________ openssh-unix-dev mailing list openssh-unix-dev@xxxxxxxxxxx https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev
