Differential D46638

EC2: Disable RSA host key generation for sshd
ClosedPublic
Actions

Authored by cperciva on Sep 11 2024, 5:09 AM.

Details

Reviewers: None
Commits: rG0aabcd75dbc2: EC2: Disable RSA host key generation for sshd

Summary

These are largely obsolete, and generating them is responsible for
over 10% of the total boot time of EC2 instances.

Diff Detail

Repository

rG FreeBSD src repository

Lint

Lint Not Applicable

Unit

Tests Not Applicable

Event Timeline

cperciva created this revision.Sep 11 2024, 5:09 AM

Herald added subscribers: jrtc27, imp. · View Herald TranscriptSep 11 2024, 5:09 AM

cperciva requested review of this revision.Sep 11 2024, 5:09 AM

Harbormaster completed remote builds in B59437: Diff 143226.Sep 11 2024, 5:09 AM

Perhaps just do this globally?

In D46638#1062943, @lwhsu wrote:

Perhaps just do this globally?

I considered that, but thought maybe better to wait for 16 for that. After all, for physical servers, the amount of time spent generating the RSA host key is small compared to the time spent installing FreeBSD; it only matters in the context of "pre-installed" FreeBSD.

This revision was not accepted when it landed; it landed in state Needs Review.Sep 18 2024, 6:48 AM

Closed by commit rG0aabcd75dbc2: EC2: Disable RSA host key generation for sshd (authored by cperciva). · Explain Why

This revision was automatically updated to reflect the committed changes.

cperciva added a commit: rG0aabcd75dbc2: EC2: Disable RSA host key generation for sshd.