<div dir="ltr"><div style>Thank you for your reply.</div><div style><br></div>If I were to attempt to add support for tomsfastmath, using ltc_mp as you described, which version of dropbear should I start from? And where should I obtain the tomsfastmath library?<div>
<br></div><div style>Thank you,</div><div style><br></div><div style>William</div><div style><br></div></div><div class="gmail_extra"><br><br><div class="gmail_quote">On Sat, May 25, 2013 at 3:41 AM, Matt Johnston <span dir="ltr"><<a href="mailto:matt@ucc.asn.au" target="_blank">matt@ucc.asn.au</a>></span> wrote:<br>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div>Hi,<br>
<br>
I think the solution is to use tomsfastmath instead. There was a patched version posted a while ago on this list. Eventually I'd like to have Dropbear able to build against either tomsfastmath (for speed) or libtommath (for portability) using the ltc_mp mechanism in libtomcrypt.<br>
<br>
There's also ECC support nearly complete in the 'ecc' mercurial branch. That's a few times faster than normal kexdh. It adds around 30kB to binary size on x86. That should make it into the next Dropbear release, though only will help for recent OpenSSH peers.<span class="HOEnZb"><font color="#888888"><br>
<br>
Matt</font></span><div><div class="h5"><br><br><div class="gmail_quote">William Welch <<a href="mailto:bvwelch@gmail.com" target="_blank">bvwelch@gmail.com</a>> wrote:<blockquote class="gmail_quote" style="margin:0pt 0pt 0pt 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex">
<div dir="ltr">Greetings,<div><br></div><div>First -- thank you for dropbear! I have enjoyed using dropbear on various smallish systems for years now!</div><div><br></div><div>But I have a problem with a specific system -- admittedly it is rather slow -- only 50 BogoMips according to the linux kernel. It is a Microblaze.</div>
<div><br></div><div>I use the Buildroot system for many different routers and other small systems here. I have compared different versions of dropbear, against openssh.</div><div><br></div><div>My issue is with the server mode -- sshd -- I note that on dropbear 0.52 (which I happen to run on other routers here), I can connect from my ubuntu or mac, to dropbear sshd, in about 45 seconds. This is having disabled the RSA host key, and already generated the DSS host key. But on more recent versions of dropbear, e.g. 2013.58, several minutes elapse without a connection. </div>
<div><br></div><div>In contrast, switching to openssh in buildroot, and also disabling the RSA host key, connection time is 5 to 10 seconds! Unfortunately, the openssh has a huge 'footprint' in the flash filesystem that I would rather avoid.</div>
<div><br></div><div>The issue seems to be in the key exchange ( I can watch this by doing 'ssh -v ' from my client connection). Meanwhile, running 'top' on my Microblaze shows near 100% cpu used. the debug message is: expecting SSH2_MSG_KEXDH_REPLY</div>
<div><br></div><div>Buildroot has the gnu cross tool chain set to 'optimize for size' in all cases.</div><div><br></div><div>Suggestions welcome!</div><div><br></div><div>thank you,</div>
<div><br></div><div>William</div><div><br></div></div>
</blockquote></div></div></div></div></blockquote></div><br></div>