[71078] in North American Network Operators' Group
Re: IT security people sleep well
daemon@ATHENA.MIT.EDU (Adrian Chadd)
Mon Jun 7 23:23:10 2004
Date: Tue, 8 Jun 2004 11:17:23 +0800
From: Adrian Chadd <adrian@creative.net.au>
To: nanog@merit.edu
In-Reply-To: <Pine.LNX.4.44.0406080258130.16562-100000@a.mx.ict1.everquick.net>
Errors-To: owner-nanog-outgoing@merit.edu
On Tue, Jun 08, 2004, Edward B. Dreger wrote:
>
> JF> Date: Mon, 7 Jun 2004 22:31:59 -0400
> JF> From: Jason Frisvold
>
> JF> I don't see why they can't roll it into every ios that runs
> JF> on a router capable of ssh. Ssh and sshd on my linux system
> JF> barely break 500k compiled... And there's a TON of
> JF> functionality in there that isn't required on a router. It
> JF> would seem that you could get ssh put into these code trains
> JF> in under 500k ...
>
> Dynamic linking might be cheating. Static linking might be
> pessimistic. Probably best to compare BSD "crunchgen" images
> with and without ssh/sshd. (2MB total for statically-linked ssh
> and sshd as I compile it.)
A friend of mine here at uni wrote a much, much smaller sshd replacement
he calls "dropbear". Its much, much smaller than sshd. Much smaller.
http://matt.ucc.asn.au/dropbear/dropbear.html
I think its very very cute. Perhaps some vendors with small memory
footprints would consider implementing this kind of tiny sshd?
Adrian
--
Adrian Chadd I'm only a fanboy if
<adrian@creative.net.au> I emailed Wesley Crusher.
