Yes, I know what you mean but I was thinking that is would avoid remembering one more password because using an existing password (used for other purposes) would be revealing that.
I'm really not sure what you mean there - are you talking about reusing a password that you use elsewhere? The use of keys on SSH overcomes many password problems because it is a 2-factor scheme, i.e. something that you know and something that you have. Even is someone has your password for your key, they still can't get in because your authentication key should be on your USB stick.
Did you find time to see if dropbear can be configured to reduce it's consumption of cpu?
The 'renice' command is installed (at least it is on my machine, so it's in one of the packages, if not by default). Find the process ID of the dropbear process, 'ps -w | grep dropbear' will show you that in the first column. I suggest that you do this for all dropbear IDs, as one will be the server and any others will tally up with each of your SSH connections. For each ID, try 'renice -n 20 <id>' and then try your transfer. You will probably have to start the SFTP session and
then SSH in to achieve this, to ensure that you deprioritise the correct process.