yes, i can verify that SSH2_MSG_KEX_DH_GEX_GROUP is slow,
but it should spend all the time in openssl (or waiting
for the peer).
On Mon, Feb 12, 2001 at 04:15:11PM +0100, Lutz Jaenicke
wrote:> Hi!
>
> I have experimented a bit with the latest OpenSSH from the CVS archive.
> I could realize some connections succesfully, but I experienced performance
> problem during the connection phase.
> It seems, that the client needs quite some computer time just after
> debug: Got SSH2_MSG_KEX_DH_GEX_GROUP.
> By inserting test-printouts, I verifyed that the dh_gen_key(dh); call
> seems to take that long. On a HP C180 it takes around 8 seconds.
> OpenSSH is built without optimization but as far as I could see, the
> time is spent in the OpenSSL library (built with maximum optimization).
> There are other places in which 3-4 seconds are spent each.
>
> Can somebody verify these observations?
> Setup is the default setting.
>
> Best regards,
> Lutz
> --
> Lutz Jaenicke Lutz.Jaenicke at
aet.TU-Cottbus.DE
> BTU Cottbus http://www.aet.TU-Cottbus.DE/personen/jaenicke/
> Lehrstuhl Allgemeine Elektrotechnik Tel. +49 355 69-4129
> Universitaetsplatz 3-4, D-03044 Cottbus Fax. +49 355 69-4153
>