> When a new session is established, a private session key is generated
> by the server.  This is the pause you are seeing when ssh'ing to
> sparc machines.

No, actually.  Go read the spec - a session key is generated, but it
(a) is done in a fairly fast way (by hashing data derived from key
exchange) and (b) is done by both ends.  It's the key exchange itself
that's slow.

If you're using diffie-hellman-group-exchange-sha1 rather than
diffie-hellman-group1-sha1, the server does have to generate some stuff
for key exchange, but SPARCs are slow even when using
diffie-hellman-group1-sha1.

I haven't profiled the code, so I don't know exactly what it is that's
slow (though I suspect the modular exponentiation involved in
public-key operations).  But I _have_ done enough work to be certain
that it's key exchange that's slow, rather than the generating of
session keys after key exchange completes.  (Well, in my experience.  I
suppose it's conceivable that some implementation is sufficiently
stupid that key generation takes a nontrivial time, but it seems
unlikely.)

/~\ The ASCII				der Mouse
\ / Ribbon Campaign
 X  Against HTML	       mouse@rodents.montreal.qc.ca
/ \ Email!	     7D C8 61 52 5D E7 2D 39  4E F1 31 3E E8 B3 27 4B