Hello, sshd has a dependancy to systemd, and thus includes a lot of libraries, which augments its attack surface.
The recent xz-utils issue [1] has lead to this post by someone suggesting (with a patch, apparently) to confine the sshd -> systemd dependancy in a subprocess [2]. Maybe you want to look into it? Thank you. [1] https://www.openwall.com/lists/oss-security/2024/03/29/4 [2] https://www.openwall.com/lists/oss-security/2024/03/29/23
