Use |mprotect()| to secure key data ? / was: Re: Proposal: always handle keys in separate process

[Stephen Harris]

On Wed, Jan 20, 2016 at 01:53:41AM +0100, Roland Mainz wrote:
> Well, I am not happy with the solution because it adds *lots* of extra
> overhead (not noticeable on today's multi-GHz desktop machines but on
> small embedded machines this bites back).

Serious question: how many small embedded machines that can't afford
another process are running openssh vs dropbear server?

-- 

rgds
Stephen