Matt Johnston
Matt Johnston
Not sure that I'll get this done myself but I'd be happy to merge patches. Whether to enable it by default depends on resource usage - code size and how...
From the timestamps it looks like something is delayed in the kernel booting, before any userspace programs run? ``` [Di Jun 28 12:40:16 2022] IPv6: ADDRCONF(NETDEV_CHANGE): enp0s31f6: link becomes ready...
I wasn't aware of it, though haven't benchmarked. libtommath was updated in 2020.79 which seems the most likely change. [Update LibTomMath to 1.2.0](https://github.com/mkj/dropbear/commit/b4bd23b4d2a4c640880b49069e02cd598dd03416) [update ltm to 1.1.0 and enable FIPS...
Ah, the `CFLAGS` order changed in libtommath's own makefile. Previously its own `-O3` came after Dropbear's default `-Os`, in 2022.82 it builds with `-Os`. Could you try the patch below?...
OK right. When I get a chance I'll see if I can compare `perf` of the releases (and rummage for some older boards to try). On x64 here the `make...
I think having a default of `-O3` for the crypto/maths libraries makes sense (that's where performance matters), but `-Os` is a better default for non-performance code. I guess there could...
Is the a particular platform/acceleration you're interested in? There's a mention of AES for libtomcrypt https://github.com/libtom/libtomcrypt/pull/557#issuecomment-910552156 , though acceleration might also be useful for ECC. I don't know if /dev/crypto...
Dropbear doesn't currently implement Linux audit events. I'd be happy to merge patches adding it.
Dropbear doesn't currently support it. In the past there have been a few patches such as https://lists.ucc.gu.uwa.edu.au/pipermail/dropbear/2016q2/001895.html though I've been reluctant to apply those given forced password-change corporate policies are...
It looks like OpenSSH's sftp-server would require at least a dozen .c files to build. It seems relatively separate from other parts of OpenSSH, though would still need various configure...