offline keygeneration

Prasad ndprasad at gmail.com
Thu Sep 28 09:57:50 WST 2006


>
> In a general purpose system it would probably be best to
> avoid writing keys to disk, but in an embedded system it
> probably mightn't matter so much (it's a ramdisk anyway?).
> It'll depend on your application.

I am writing it in /var/tmp, which is a ramdisk, so it is not a problem.

>
> I'll have a think about a way that Dropbear could do this by
> default - if the listening process could generate keys while
> waiting for new connections, but break out upon a client
> connecting, that would be quite handy.

I am not sure how this might scale for an inetd-based system. In that
case, we need to have a separate task, as I said, to achieve this.

>
> You don't need to call reseedrandom() or crypto_init(), that
> should be fine I think.
>
> > 4) It also fails few times with this method (need to investigate why)
>
> No idea there.

I am still unsuccessful in making the offline keycreate task stable
along with multiple sessions. When I just initialize with
seedrandom() and then call gen_kexdh_vals() in a loop once in a
while, the foreground ssh sometimes gets stuck in the expmod function,
or the task sometimes gets a memalloc error when a couple of ssh
requests come simultaneously. I find that libtommath uses too many
malloc and free calls each time.

>
> Thinking a bit more about your hardware, is there any chance
> of increasing the cache size? (does it have any?) Someone
> else using libtommath on a microblaze device seems to think
> that it's the memory speed that makes it so slow [1].

I already increased the data and instruction cache to max. So I don't
think I can increase that any more.

Thanks
- Prasad
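
The setup discussed in this thread (a separate task pre-generating DH values on the ramdisk, with one process per connection under inetd), shown as an added example that is not part of the original post and not Dropbear code. The names `kex_pair`, `kex_generate`, `pool_put`, `pool_take`, `io_all`, the `kex.N` file layout and the 61-bit toy group are assumptions made for illustration; it does not call Dropbear's `gen_kexdh_vals()` or libtommath.

```c
#include <fcntl.h>
#include <stdint.h>
#include <stdio.h>
#include <unistd.h>
#define P 2305843009213693951ULL /* 2^61 - 1: toy modulus; added example, not Dropbear code */
struct kex_pair { uint64_t x, e; }; /* secret x, public e = 3^x mod P */
static uint64_t modexp(uint64_t b, uint64_t x) {
    uint64_t r = 1;
    for (; x; x >>= 1, b = (uint64_t)((__uint128_t)b * b % P))
        if (x & 1) r = (uint64_t)((__uint128_t)r * b % P);
    return r;
}
static int io_all(const char *path, int flags, void *buf, size_t len) {
    int fd = open(path, flags, 0600); /* files it creates are owner-only */
    if (fd < 0) return -1;
    ssize_t n = (flags & O_ACCMODE) == O_WRONLY ? write(fd, buf, len) : read(fd, buf, len);
    close(fd);
    return n == (ssize_t)len ? 0 : -1;
}
int kex_generate(struct kex_pair *kp) { /* slow path: kernel RNG + modexp */
    if (io_all("/dev/urandom", O_RDONLY, &kp->x, sizeof kp->x) != 0) return -1;
    kp->x = kp->x % (P - 2) + 1; /* 1 .. P-2 */
    kp->e = modexp(3, kp->x);
    return 0;
}
/* Background task: write under a temp name, then rename(), so no session reads a partial pair. */
int pool_put(const char *dir, int slot) {
    struct kex_pair kp;
    char tmp[256], dst[256];
    snprintf(tmp, sizeof tmp, "%s/.tmp.%d", dir, slot);
    snprintf(dst, sizeof dst, "%s/kex.%d", dir, slot);
    if (kex_generate(&kp) == 0 && io_all(tmp, O_WRONLY | O_CREAT | O_TRUNC, &kp, sizeof kp) == 0
        && rename(tmp, dst) == 0) return 0;
    unlink(tmp);
    return -1;
}
/* Session process: claim a slot by atomic rename() to a pid-unique name, so two sessions
 * never get the same pair. Returns 1 = from pool, 0 = pool empty (generated inline), -1 = error. */
int pool_take(const char *dir, int nslots, struct kex_pair *kp) {
    char src[256], mine[256];
    snprintf(mine, sizeof mine, "%s/claimed.%ld", dir, (long)getpid());
    for (int i = 0; i < nslots; i++) {
        snprintf(src, sizeof src, "%s/kex.%d", dir, i);
        if (rename(src, mine) != 0) continue; /* slot empty, or another session won it */
        int rc = io_all(mine, O_RDONLY, kp, sizeof *kp);
        unlink(mine); /* single use: a stored exponent is never handed out twice */
        if (rc == 0) return 1;
    }
    return kex_generate(kp);
}
```

The session side allocates nothing and does no big-number work when a slot is available; it only pays for the exponentiation when the pool is empty.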
