In a general purpose system it would probably be best to avoid writing keys to disk, but in an embedded system it probably mighn't matter so much (it's a ramdisk anyway?). It'll depend on your application.
I am writing it in the /var/tmp which is ramdisk, so it is not a problem.
I'll have a think about a way that Dropbear could do this by default - if the listening process could generate keys while waiting for new connections, but break out upon a client connecting, that would be quite handy.
I am not sure how this might scale for inetd based system. In that case, we need to have a seperate task as i said to achieve this.
You don't need to call reseedrandom() or crypto_init(), that should be fine I think. > 4) It also fails few times with this method (need to investigate why) No idea there.
Still i am unsuccessful to make the offline keycreate task stable along with multiple session. When i just initialize bywith seedrandom() and then calling gen_kexdh_vals() in a loop once in a while . The foreground ssh gets struck in the expmod function sometimes or the task sometimes gets memalloc error when couple of ssh request comes simultaenously. I find that libtommath uses too many malloc and free each time.
Thinking a bit more about your hardware, is there any chance of increasing the cache size? (does it have any?) Someone else using libtommath on a microblaze device seems to think that it's the memory speed that makes it so slow [1].
I already increased the data and instruction cache to max. So i dont think i can increase that anymore. Thanx - Prasad
