IT security people sleep well
Adrian Chadd
adrian at creative.net.au
Tue Jun 8 03:17:23 UTC 2004
On Tue, Jun 08, 2004, Edward B. Dreger wrote:
>
> JF> Date: Mon, 7 Jun 2004 22:31:59 -0400
> JF> From: Jason Frisvold
>
> JF> I don't see why they can't roll it into every ios that runs
> JF> on a router capable of ssh. Ssh and sshd on my linux system
> JF> barely break 500k compiled... And there's a TON of
> JF> functionality in there that isn't required on a router. It
> JF> would seem that you could get ssh put into these code trains
> JF> in under 500k ...
>
> Dynamic linking might be cheating. Static linking might be
> pessimistic. Probably best to compare BSD "crunchgen" images
> with and without ssh/sshd. (2MB total for statically-linked ssh
> and sshd as I compile it.)
A friend of mine here at uni wrote a much, much smaller sshd replacement
he calls "dropbear". Its much, much smaller than sshd. Much smaller.
http://matt.ucc.asn.au/dropbear/dropbear.html
I think its very very cute. Perhaps some vendors with small memory
footprints would consider implementing this kind of tiny sshd?
Adrian
--
Adrian Chadd I'm only a fanboy if
<adrian at creative.net.au> I emailed Wesley Crusher.
More information about the NANOG
mailing list