Thank you for your reply. If I were to attempt to add support for tomsfastmath, using ltc_mp as you described, which version of dropbear should I start from? And where should I obtain the tomsfastmath library?
Thank you, William On Sat, May 25, 2013 at 3:41 AM, Matt Johnston <[email protected]> wrote: > Hi, > > I think the solution is to use tomsfastmath instead. There was a patched > version posted a while ago on this list. Eventually I'd like to have > Dropbear able to build against either tomsfastmath (for speed) or > libtommath (for portability) using the ltc_mp mechanism in libtomcrypt. > > There's also ECC support nearly complete in the 'ecc' mercurial branch. > That's a few times faster than normal kexdh. It adds around 30kB to binary > size on x86. That should make it into the next Dropbear release, though > only will help for recent OpenSSH peers. > > Matt > > > William Welch <[email protected]> wrote: >> >> Greetings, >> >> First -- thank you for dropbear! I have enjoyed using dropbear on >> various smallish systems for years now! >> >> But I have a problem with a specific system -- admittedly it is rather >> slow -- only 50 BogoMips according to the linux kernel. It is a Microblaze. >> >> I use the Buildroot system for many different routers and other small >> systems here. I have compared different versions of dropbear, against >> openssh. >> >> My issue is with the server mode -- sshd -- I note that on dropbear 0.52 >> (which I happen to run on other routers here), I can connect from my ubuntu >> or mac, to dropbear sshd, in about 45 seconds. This is having disabled the >> RSA host key, and already generated the DSS host key. But on more recent >> versions of dropbear, e.g. 2013.58, several minutes elapse without a >> connection. >> >> In contrast, switching to openssh in buildroot, and also disabling the >> RSA host key, connection time is 5 to 10 seconds! Unfortunately, the >> openssh has a huge 'footprint' in the flash filesystem that I would rather >> avoid. >> >> The issue seems to be in the key exchange ( I can watch this by doing >> 'ssh -v ' from my client connection). Meanwhile, running 'top' on my >> Microblaze shows near 100% cpu used. the debug message is: expecting >> SSH2_MSG_KEXDH_REPLY >> >> Buildroot has the gnu cross tool chain set to 'optimize for size' in all >> cases. >> >> Suggestions welcome! >> >> thank you, >> >> William >> >>
