ssh speed
Rob Hagopian
rob at hagopian.net
Thu Jan 11 04:24:07 EST 2001
These were using SNAP-010109 on PIII 800s, striped 10K RPM drives,
switched fast ethernet. One machine is SMP, one isn't. Using 'scp -o
Ciphers=xxx' Both machines are FreeBSD.
(587MB file:)
aes256-cbc 02:19
aes128-cbc 02:17
arcfour 02:08
3des-cbc 02:59
blowfish-cbc 02:13
none2 02:12
I did "hack the source" (hehehe) to add none:
rijndael_setkey, rijndael_setiv,
rijndael_cbc_encrypt, rijndael_cbc_decrypt },
+ { "none2",
+ SSH_CIPHER_SSH2, 8, 0,
+ none_setkey, none_setiv,
+ none_crypt, none_crypt },
{ NULL, SSH_CIPHER_ILLEGAL, 0, 0, NULL, NULL, NULL, NULL }
};
(it's none2 to avoid name collision with the ssh1 none)
Indeed, it seems that when using a cipher, the ssh process is using more
cpu than sshd and is maxing out that side. But when using none2 as a
'cipher' CPU maxes out around 30% for ssh (20% for sshd). Both processes
seem to be in select() a lot according to top.
-Rob
On Wed, 10 Jan 2001, Markus Friedl wrote:
> On Wed, Jan 10, 2001 at 10:37:35AM +0100, Markus Friedl wrote:
> > did you use compression?
>
> oops, i should read the all of the mail.
>
> what did you do? scp? ssh+cat? sftp? http over forwarded
> channels?
>
> what are exact version of openssh? openssh-current? did you try AES?
>
> what kind of network? CPU? transfer to localhost?
>
> did you really use 'none' in SSH-2? did you hack the source (cipher none
> should not be supported)?
>
> -markus
>
> > On Tue, Jan 09, 2001 at 06:28:10PM -0500, Rob Hagopian wrote:
> > > OK, I've been looking to run ssh2 without encryption to get maximum
> > > throughput but with secure authentication. However, my tests show that the
> > > performance speedup isn't as dramatic as I suspected:
> > >
> > > For a 587MB file:
> > > 3des-cbc 3:03
> > > arcfour 2:10
> > > none 2:13
> > >
> > > ftp 0:57
> > >
> > > I checked, compression is off (with it on estimated times were over 5min).
> > >
> > > I interpret the above as saying that the cipher does make a difference,
> > > but when using a sufficiently fast cipher there's overhead in the protocol
> > > that becomes the bottleneck. Arcfour didn't max out the CPU, nor the disk
> > > or network I/O, so what could be slowing it down? Thoughts? Suggestions?
> > >
> > > -Rob
> > >
>
More information about the openssh-unix-dev
mailing list