<dbextern <at> gmx.de>
2013-01-03 13:58:00 GMT
thank you for the quick response.
# 7 seconds seems slow. Where said that it's a common problem?
# I get around 1 second to SSH to a raspberry pi (700mhz "ARMv6").
# Was it built with the same compiler and compile options?
# Leaving optimisation off could make that difference.
I found a few posts on the mailing list about that topic.
(for example: http://lists.ucc.gu.uwa.edu.au/pipermail/dropbear/2011q1/001098.html
The CPU is at 100% during the login.
Both versions have been compiled with the same external setup.
When the dropbear is the only process running the time is reduced to ~3s which is still a lot slower than the
V0.52 (that does it in less than 1s).
Were Options added between those versions that could have an impact? Did maybe the libtommath/crypt
# I can't see how it wouldn't ask for a password unless
# there's -g or -s on the commandline. Does "ssh -v" show just
# "Authentications that can continue: publickey", not
# "publickey,password" ?
The server gives a
"Authentications that can continue: publickey".
It is started without any options.
Sebastian Fett, R&D
T +49-7191-9669-0, F +49-7191-950000, Sebastian.Fett <at> dbaudio.com, www.dbaudio.com
d&b audiotechnik GmbH, Eugen-Adolff-Straße 134, 71522 Backnang, Germany
Geschäftsführer: Frank Bothe, Markus Strohmeier
Finanzen: Kay Lange; Marketing: Simon Johnston
Sitz: Backnang; Amtsgericht Stuttgart, HRB 725789
Von: Matt Johnston <matt <at> ucc.asn.au>
An: dbextern <at> gmx.de,
Kopie: dropbear <at> ucc.asn.au
Datum: 03.01.2013 12:51
Betreff: Re: Issues after Update from 0.52 to 2012.55; login time; password auth
7 seconds seems slow. Where said that it's a common problem?
I get around 1 second to SSH to a raspberry pi (700mhz "ARMv6").
Was it built with the same compiler and compile options?
Leaving optimisation off could make that difference.
I can't see how it wouldn't ask for a password unless
there's -g or -s on the commandline. Does "ssh -v" show just
"Authentications that can continue: publickey", not
On Thu, Jan 03, 2013 at 12:10:51PM +0100, dbextern <at> gmx.de wrote:
> I'm using dropbear on an embedded System with uCLinux. It works great. And first I want to thank all of you
for the work you put in it.
> After reading about the security fix I updated the dropbear from a (very stable and fast) 0.52 to the new 2012.55.
> After the update two things changed. The login time increased a lot. From next to nothing to about 7s (on a
600MHz CPU). I read that this is a common problem, and that my 7s are still quite good. I'm just surprised
about he increase.
> Secondly the dropbear does not allow password login anymore (the server only gives back "pubkey" as
available option). The according defines in the options.h are still active though. And the dropbear is
started without -s. I'm out of ideas what to try to enable it again. When I just replace the dropbear
executable with the 0.52 version it works again.
> Any thoughts and advide is highly appreciated. Tank you in advance.