In message <[EMAIL PROTECTED]>, Rick Moen writes:
>begin Armand Welsh quotation:
>
>> I don't know the specifics on why it's started this way, but I do know that
>> my ssh daemon reads the hosts.allow, and hosts.deny files, and bases it's
>> security off of these. So that may be the reason.
>
>Nope. That goal can be accomplished by compiling sshd with libwrap, and
>not running it under inetd.
>
>I can't think of any situation where it's beneficial to run sshd under
>inetd, except for extreme RAM shortages (which suggest an obvious and
>different cure). I'd say somebody made an error.
I haven't check ssh2, but for ssh1 the reason was to save the expense
of large prime generation at start-up. This is clearly documented in
the man page. What, if anything, does the sshd2 man page say about the
-i flag (or equivalent)?
--Steve Bellovin
