Subject: ssh connection sharing [was secure ftpd and others with older NetBSD?]
To: None <port-sparc@NetBSD.org>
From: der Mouse <mouse@Rodents.Montreal.QC.CA>
List: port-sparc
Date: 09/20/2006 11:12:20
>> My ssh implementation supports connection sharing, meaning I pay the
>> public-key performance penalty only once per some-long-period
>> (basically, until something crashes or one end is rebooted).
> Does your connection sharing technique only work among simultaneous
> connections?

No.  Once the underlying sharing connection is open, as long as it
stays up it can be shared among virtual connections that have no
temporal overlap.  My code does let you configure a timeout, so that if
the underlying connection has no virtual connections using it for a
specific time span, it shuts itself down, but it does support an
"infinity" setting for that timeout.

> Is your code base available and faster than the OpenSSx code base?

It is available.  Faster?  I don't *know*; I've never done any speed
tests.  I suspect it is slower for bulk data encryption, since the
crypto is written for code comprehensibility rather than speed.  But we
were talking about the public-key crypto, and that I'm much less sure
of.  The real time sink is the modular exponentiation that's at the
heart of both the supported public-key systems, and for that I use
libgmp; I don't know how libgmp stacks up against the big-integer code
used by OpenSSx.  My guess would be that it's very roughly comparable.

If you want to have a look, see
{ftp,http}://ftp.rodents.montreal.qc.ca/mouse/local/src/moussh/ (what's
there as I type this is a little outdated; I'll bring it up to date in
the next few minutes).

/~\ The ASCII				der Mouse
\ / Ribbon Campaign
 X  Against HTML	       mouse@rodents.montreal.qc.ca
/ \ Email!	     7D C8 61 52 5D E7 2D 39  4E F1 31 3E E8 B3 27 4B
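For comparison with the sharing scheme der Mouse describes (one long-lived underlying connection, virtual connections that need not overlap, an idle timeout with an "infinity" option), here is the equivalent in modern OpenSSH's ssh_config. This is an added example, not moussh code and not from the mail; the `buildbox` alias, the hostname and the socket directory `~/.ssh/cm` (which must exist and be mode 0700) are assumptions.

```sshconfig
# ~/.ssh/config  (assumed path; "buildbox" is a constructed example alias)
Host buildbox
    HostName buildbox.example.net
    User mouse
    # One real SSH session (the underlying connection) carries every later
    # ssh/scp/sftp to this host, so public-key authentication runs once.
    ControlMaster auto
    # Socket later sessions attach to. %C is a hash of host/port/user so the
    # name is unique; keep the directory private (mode 0700), because anyone
    # who can open this socket gets a session without authenticating.
    ControlPath ~/.ssh/cm/%C
    # Idle timeout: the master lingers this long after the last virtual
    # connection closes, so sessions need no temporal overlap.
    # "yes" here is the "infinity" setting: the master stays until killed.
    ControlPersist 10m
```

`ssh -O check buildbox` reports whether a master is up and `ssh -O exit buildbox` shuts it down early. A long-lived master is a long-lived authenticated channel, so set the timeout to what the workflow actually needs rather than reaching for "yes" by default.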