<div dir="ltr">Greetings,<div><br></div><div>I tried the new Dropbear (which is included with the new Buildroot 2014.02 yeah!) on my slow Microblaze system. I think there is some improvement, but I wonder if I do not have the configuration optimized... The noticeable delay is about 85 seconds, at this debug statement from the client SSH: <span style="background-color:rgb(29,29,29);color:rgb(245,245,245);font-family:Menlo;font-size:18px">expecting SSH2_MSG_KEX_ECDH_REPLY</span><div class="gmail_extra">
<br>Suggestions welcome!</div><div class="gmail_extra"><br></div><div class="gmail_extra">William</div><div class="gmail_extra"><br><br><br><div class="gmail_quote">On Wed, Feb 19, 2014 at 8:28 AM, Matt Johnston <span dir="ltr"><<a href="mailto:matt@ucc.asn.au" target="_blank">matt@ucc.asn.au</a>></span> wrote:<br>
<blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left-width:1px;border-left-color:rgb(204,204,204);border-left-style:solid;padding-left:1ex">Hi all,<br>
<br>
Dropbear 2014.63 is released containing mostly accumulated<br>
bug fixes. Some are for regressions in the past couple of<br>
releases so it's recommended for everyone.<br>
<br>
As usual the URL is<br>
<a href="https://matt.ucc.asn.au/dropbear/dropbear.html" target="_blank">https://matt.ucc.asn.au/dropbear/dropbear.html</a><br>
or mirrored at<br>
<a href="https://dropbear.nl/mirror/" target="_blank">https://dropbear.nl/mirror/</a><br>
<br>
Cheers,<br>
Matt<br>
<br>
2014.63 - Wednesday 19 February 2014<br>
<br>
- Fix ~. to terminate a client interactive session after waking a laptop<br>
from sleep.<br>
<br>
- Changed port separator syntax again, now using host^port. This is because<br>
IPv6 link-local addresses use %. Reported by Gui Iribarren<br>
<br>
- Avoid constantly relinking dropbearmulti target, fix "make install"<br>
for multi target, thanks to Mike Frysinger<br>
<br>
- Avoid getting stuck in a loop writing huge key files, reported by Bruno<br>
Thomsen<br>
<br>
- Don't link dropbearkey or dropbearconvert to libz or libutil,<br>
thanks to Nicolas Boos<br>
<br>
- Fix linking -lcrypt on systems without /usr/lib, thanks to Nicolas Boos<br>
<br>
- Avoid crash on exit due to cleaned up keys before last packets are sent,<br>
debugged by Ronald Wahl<br>
<br>
- Fix a race condition in rekeying where Dropbear would exit if it received a<br>
still-in-flight packet after initiating rekeying. Reported by Oliver Metz.<br>
This is a longstanding bug but is triggered more easily since 2013.57<br>
<br>
- Fix README for ecdsa keys, from Catalin Patulea<br>
<br>
- Ensure that generated RSA keys are always exactly the length<br>
requested. Previously Dropbear always generated N+16 or N+15 bit keys.<br>
Thanks to Unit 193<br>
<br>
- Fix DROPBEAR_CLI_IMMEDIATE_AUTH mode which saves a network round trip if the<br>
first public key succeeds. Still not enabled by default, needs more<br>
compatibility testing with other implementations.<br>
<br>
- Fix for port 0 forwarding in the client and port forwarding with Apache MINA SSHD. Thanks to<br>
<br>
- Fix for bad system linux/pkt-sched.h header file with older Linux<br>
kernels, from Steve Dover<br>
<br>
- Fix signal handlers so that errno is saved, thanks to Erik Ahlén for a patch<br>
and Mark Wickham for independently spotting the same problem.<br>
</blockquote></div><br></div></div></div>