Nginx won because it was faster, simpler and more easily extended, not because it was "lightweight" per se.
In comparison, dropbear doesn't really do anything that ssh doesn't, and lags in a bunch of esoteric features that "most" people don't use but that inevitably some people do. Who wants to use a distro where one's preferred ssh-agent feature or X11 forwarding inexplicably doesn't work?
Dropbear is small and builds cleanly everywhere, so it's what you pick if you're size constrained or just need "an ssh" for your embedded environment and don't want to bother integrating something larger. No one specifically wants it at the command line on their "Linux" system.
When I was elbow-deep in CLFS[1], I never ran into trouble getting Dropbear to compile and work with my fledgling Linux Distro, and upon reflection that is quite an accomplishment and something I'm thankful for.
Dropbear "just worked", and it worked well. It was the first "portal" into my Distro, and I can still remember SSH'ing into my system for the first time and being completely amazed it worked at all, let alone returned a shell prompt!
Open Source projects don't get enough appreciation, and our Open Source hero's, such as yourself, get even less. Thank you for Dropbear!
First of all, thank you for creating Dropbear SSH. I would love to try it. I am currently using OpenSSH with PAM (Google Authenticator) and Ed25519. Does Dropbear support both PAM and Ed25519?
PAM support is fairly rudimentary and only supports username/password. ed25519 isn't supported - a few people have wanted it I might add it at some point. I haven't seen a real reason to go with that over ecdsa.
The reason to use Ed25519 over ECDSA is that ECDSA can't be used unless you have a good CPRNG. Just ask Sony what happens if you reuse a nonce with (EC-)DSA.
True, that could be a good reason.
Forgot to mention and can't edit in the previous comment, there's a PoC ed25519 implementation I need to look at merging.
In comparison, dropbear doesn't really do anything that ssh doesn't, and lags in a bunch of esoteric features that "most" people don't use but that inevitably some people do. Who wants to use a distro where one's preferred ssh-agent feature or X11 forwarding inexplicably doesn't work?
Dropbear is small and builds cleanly everywhere, so it's what you pick if you're size constrained or just need "an ssh" for your embedded environment and don't want to bother integrating something larger. No one specifically wants it at the command line on their "Linux" system.