slow logins -- some data for comparison

William Welch bvwelch at gmail.com
Sat May 25 23:01:16 WST 2013 

Thank you for your reply.

If I were to attempt to add support for tomsfastmath, using ltc_mp as you
described, which version of dropbear should I start from?  And where should
I obtain the tomsfastmath library?

Thank you,

William



On Sat, May 25, 2013 at 3:41 AM, Matt Johnston <matt at ucc.asn.au> wrote:

> Hi,
>
> I think the solution is to use tomsfastmath instead. There was a patched
> version posted a while ago on this list. Eventually I'd like to have
> Dropbear able to build against either tomsfastmath (for speed) or
> libtommath (for portability) using the ltc_mp mechanism in libtomcrypt.
>
> There's also ECC support nearly complete in the 'ecc' mercurial branch.
> That's a few times faster than normal kexdh. It adds around 30kB to binary
> size on x86. That should make it into the next Dropbear release, though
> only will help for recent OpenSSH peers.
>
> Matt
>
>
> William Welch <bvwelch at gmail.com> wrote:
>>
>> Greetings,
>>
>> First -- thank you for dropbear!  I have enjoyed using dropbear on
>> various smallish systems for years now!
>>
>> But I have a problem with a specific system -- admittedly it is rather
>> slow -- only 50 BogoMips according to the linux kernel. It is a Microblaze.
>>
>> I use the Buildroot system for many different routers and other small
>> systems here.  I have compared different versions of dropbear, against
>> openssh.
>>
>> My issue is with the server mode -- sshd --  I note that on dropbear 0.52
>> (which I happen to run on other routers here), I can connect from my ubuntu
>> or mac, to dropbear sshd, in about 45 seconds.  This is having disabled the
>> RSA host key, and already generated the DSS host key.   But on more recent
>> versions of dropbear, e.g. 2013.58, several minutes elapse without a
>> connection.
>>
>> In contrast, switching to openssh in buildroot, and also disabling the
>> RSA host key, connection time is 5 to 10 seconds!  Unfortunately, the
>> openssh has a huge 'footprint' in the flash filesystem that I would rather
>> avoid.
>>
>> The issue seems to be in the key exchange ( I can watch this by doing
>> 'ssh -v ' from my client connection).  Meanwhile, running 'top' on my
>> Microblaze shows near 100% cpu used.  the debug message is: expecting
>> SSH2_MSG_KEXDH_REPLY
>>
>> Buildroot has the gnu cross tool chain set to 'optimize for size' in all
>> cases.
>>
>> Suggestions welcome!
>>
>> thank you,
>>
>> William
>>
>>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.ucc.gu.uwa.edu.au/pipermail/dropbear/attachments/20130525/4b2127dc/attachment.htm

More information about the Dropbear mailing list