<p dir="ltr">Does Dropbeard support ether? I know OpenSSH does, but default installation does not use that.</p>
<p dir="ltr"> Olmari</p>
<div class="gmail_quote">On Sep 8, 2015 21:01, "Vittorio G (VittGam)" <<a href="mailto:openwrt@vittgam.net">openwrt@vittgam.net</a>> wrote:<br type="attribution"><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">Il 08.09.2015 18:31 Janusz Dziemidowicz ha scritto:<br>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
SSH time can be greatly reduced by using ECDSA host key. Dropbear can<br>
be compiled with ECDSA support, however:<br>
- it is disabled by default in OpenWRT<br>
- startup script only generates RSA/DSA host keys, ECDSA host key must<br>
be generated manually<br>
<br>
Using 256 bit ECDSA host key reduces SSH login time for me from 0.7s<br>
down to 0.13s. Tested on Netgear WNDR3800, ar71xx/generic, I am not<br>
sure about other architectures.<br>
</blockquote>
<br>
Also, I think ed25519 keys and chacha20-poly1305 encryption might be worth<br>
a try. They should be faster than ECDSA + AES on embedded processors, but<br>
they need a relatively recent version of the SSH client (read: possible<br>
problems on Windows and Macs).<br>
_______________________________________________<br>
openwrt-devel mailing list<br>
<a href="mailto:openwrt-devel@lists.openwrt.org" target="_blank">openwrt-devel@lists.openwrt.org</a><br>
<a href="https://lists.openwrt.org/cgi-bin/mailman/listinfo/openwrt-devel" rel="noreferrer" target="_blank">https://lists.openwrt.org/cgi-bin/mailman/listinfo/openwrt-devel</a><br>
</blockquote></div>