RSA default key size of 2048 bits too large for low-spec systems

Brent Roman brent at
Sat Jun 24 09:31:16 AWST 2017

I recently upgraded some low power ARM9 systems from dropbear v0.52 to 

Everything went well until a system system tried to generate server keys 
on first boot.
Then it hung while working to generate the default 2048 bit RSA key.

Further investigation determined that it had not really hung.
Given many tens of minutes, it would complete the initial boot.

Why did we decide to change the default to 2048 bit keys given the cost 
of generating these on the embedded systems for which it is intended to run?

The #define for setting the default key size is currently in a .c file.
Could this be moved to the options.h file with a comment recommending 
reducing the default size when targeting slow systems?

Note, I do realize that there is a -s option for dropbearkey, but the 
appropriate values for that option are dependent on the key algorithm 
selected.  I believe the defaults should always be usable.

Dropbear is a great piece of Open Source software.

I hope you'll consider this small change.

- brent

More information about the Dropbear mailing list