Greetings, I tried the new Dropbear (which is included with the new Buildroot 2014.02 yeah!) on my slow Microblaze system. I think there is some improvement, but I wonder if I do not have the configuration optimized... The noticeable delay is about 85 seconds, at this debug statement from the client SSH: expecting SSH2_MSG_KEX_ECDH_REPLY
Suggestions welcome! William On Wed, Feb 19, 2014 at 8:28 AM, Matt Johnston <[email protected]> wrote: > Hi all, > > Dropbear 2014.63 is released containing mostly accumulated > bug fixes. Some are for regressions in the past couple of > releases so it's recommended for everyone. > > As usual the URL is > https://matt.ucc.asn.au/dropbear/dropbear.html > or mirrored at > https://dropbear.nl/mirror/ > > Cheers, > Matt > > 2014.63 - Wednesday 19 February 2014 > > - Fix ~. to terminate a client interactive session after waking a laptop > from sleep. > > - Changed port separator syntax again, now using host^port. This is because > IPv6 link-local addresses use %. Reported by Gui Iribarren > > - Avoid constantly relinking dropbearmulti target, fix "make install" > for multi target, thanks to Mike Frysinger > > - Avoid getting stuck in a loop writing huge key files, reported by Bruno > Thomsen > > - Don't link dropbearkey or dropbearconvert to libz or libutil, > thanks to Nicolas Boos > > - Fix linking -lcrypt on systems without /usr/lib, thanks to Nicolas Boos > > - Avoid crash on exit due to cleaned up keys before last packets are sent, > debugged by Ronald Wahl > > - Fix a race condition in rekeying where Dropbear would exit if it > received a > still-in-flight packet after initiating rekeying. Reported by Oliver > Metz. > This is a longstanding bug but is triggered more easily since 2013.57 > > - Fix README for ecdsa keys, from Catalin Patulea > > - Ensure that generated RSA keys are always exactly the length > requested. Previously Dropbear always generated N+16 or N+15 bit keys. > Thanks to Unit 193 > > - Fix DROPBEAR_CLI_IMMEDIATE_AUTH mode which saves a network round trip if > the > first public key succeeds. Still not enabled by default, needs more > compatibility testing with other implementations. > > - Fix for port 0 forwarding in the client and port forwarding with Apache > MINA SSHD. Thanks to > > - Fix for bad system linux/pkt-sched.h header file with older Linux > kernels, from Steve Dover > > - Fix signal handlers so that errno is saved, thanks to Erik Ahlén for a > patch > and Mark Wickham for independently spotting the same problem. >
