[ale] sshd and inetd

Alexei Rodriguez alexei at mindspring.com
Thu Nov 21 17:22:50 EST 1996


Cory T. Echols wrote:
> 
>         I'd like to integrate sshd with inetd and was wondering
> a couple things.  The man pages for ssh say that it's a drop-in
> replacement for rlogin, etc.  Does this mean I could simply
> change all references to rlogind to sshd in my /etc/inetd.conf
> file?  Or is there more to it than that?


Not quite. What the man page means is that with ssh you can have the
functionality replacement. That is, rather than telnet, you can ssh into
a box. Rather than rlogin or rsh or rcp, you can use the ssh
equivalents.
Thus you would run sshd at boot time. You would comment out all of the
services that ssh would be "replacing".


>         The other thing I was wondering was is this even an
> advisable thing to do?  sshd does some things with key management
> (i.e. regenerating keys every hour, not keeping them on disks) that
> makes it seem like starting sshd via inetd would bring more
> disadvantages than benefits.

What makes you think that ssh generates new keys every hour?
The INSTALL file describes how the key management works and addresses
why you would not want to run sshd out of inetd. You can, just use the
-i flag.

ssh is a wonderful tool. You can have a web of trusted machines. If a
machine has its key compromised, you are alerted to this. The port
forwarding and compression are quite nice. Also, ssh does not count
towards the user limits on certain OSes (i.e. you can ssh into a box
multiple times whereas you might only be able to telnet in 2 times, etc).

ssh does not address the issues of key management (you have to manually
put your public keys out on the hosts) or centralized password
management.

What it does it does very well.


Alexei
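
An added example, not part of the message above: a small audit of an inetd.conf that lists the services ssh is meant to replace that are still enabled, and reports whether any sshd entry started from inetd carries the -i flag. The service names (telnet, login for rlogin, shell for rsh/rcp), the seven-field inetd.conf layout and the sshd path in the sample are assumptions; the sample file is constructed.

```shell
#!/bin/sh
# Added example: audit inetd.conf after moving to ssh.

# Constructed sample inetd.conf (not from a real host; paths are assumed).
sample_conf() {
cat <<'EOF'
# service type  proto wait   user server               argv
telnet  stream  tcp  nowait  root  /usr/sbin/in.telnetd  in.telnetd
#login  stream  tcp  nowait  root  /usr/sbin/in.rlogind  in.rlogind
shell   stream  tcp  nowait  root  /usr/sbin/in.rshd     in.rshd
ssh     stream  tcp  nowait  root  /usr/local/sbin/sshd  sshd -i
EOF
}

# Print still-enabled legacy services, one per line.
# Commented-out entries are what we want, so they are skipped.
enabled_legacy() {
    awk '
        /^[ \t]*#/ { next }      # commented out: already disabled
        NF < 6     { next }      # not a complete inetd entry
        $1 == "telnet" || $1 == "login" || $1 == "shell" { print $1 }
    ' "$1"
}

# Report how sshd is wired into inetd:
#   absent    - no enabled sshd entry (sshd is expected to run at boot)
#   ok        - every enabled sshd entry passes -i
#   missing-i - an sshd entry lacks -i
sshd_inetd_mode() {
    awk '
        /^[ \t]*#/ { next }
        NF >= 6 && $6 ~ /(^|\/)sshd$/ {
            seen = 1; has_i = 0
            # field 7 is argv[0]; real arguments start at field 8
            for (i = 8; i <= NF; i++) if ($i == "-i") has_i = 1
            if (!has_i) bad = 1
        }
        END { print (!seen ? "absent" : (bad ? "missing-i" : "ok")) }
    ' "$1"
}

# Demo run against the constructed sample.
tmp=$(mktemp)
sample_conf > "$tmp"
echo "legacy services still enabled:"; enabled_legacy "$tmp"
echo "sshd via inetd: $(sshd_inetd_mode "$tmp")"
rm -f "$tmp"
```

Point the two functions at /etc/inetd.conf on a real host; "absent" together with an empty legacy list matches the run-at-boot setup the message describes.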





