ssh speed
Markus Friedl
markus.friedl at informatik.uni-erlangen.de
Sun Jan 21 08:52:46 EST 2001
hm, could you turn on (-pg, or -p) profiling
and do some more tests?
ssh does some data copies that could be avoided...
On Wed, Jan 10, 2001 at 12:24:07PM -0500, Rob Hagopian wrote:
> These were using SNAP-010109 on PIII 800s, striped 10K RPM drives,
> switched fast ethernet. One machine is SMP, one isn't. Using 'scp -o
> Ciphers=xxx' Both machines are FreeBSD.
>
> (587MB file:)
> aes256-cbc 02:19
> aes128-cbc 02:17
> arcfour 02:08
> 3des-cbc 02:59
> blowfish-cbc 02:13
> none2 02:12
>
> I did "hack the source" (hehehe) to add none:
>
> rijndael_setkey, rijndael_setiv,
> rijndael_cbc_encrypt, rijndael_cbc_decrypt },
> + { "none2",
> + SSH_CIPHER_SSH2, 8, 0,
> + none_setkey, none_setiv,
> + none_crypt, none_crypt },
> { NULL, SSH_CIPHER_ILLEGAL, 0, 0, NULL, NULL, NULL, NULL }
> };
>
> (it's none2 to avoid name collision with the ssh1 none)
>
> Indeed, it seems that when using a cipher, the ssh process is using more
> cpu than sshd and is maxing out that side. But when using none2 as a
> 'cipher' CPU maxes out around 30% for ssh (20% for sshd). Both processes
> seem to be in select() a lot according to top.
> -Rob
>
> On Wed, 10 Jan 2001, Markus Friedl wrote:
>
> > On Wed, Jan 10, 2001 at 10:37:35AM +0100, Markus Friedl wrote:
> > > did you use compression?
> >
> > oops, i should read the all of the mail.
> >
> > what did you do? scp? ssh+cat? sftp? http over forwarded
> > channels?
> >
> > what are exact version of openssh? openssh-current? did you try AES?
> >
> > what kind of network? CPU? transfer to localhost?
> >
> > did you really use 'none' in SSH-2? did you hack the source (cipher none
> > should not be supported)?
> >
> > -markus
> >
> > > On Tue, Jan 09, 2001 at 06:28:10PM -0500, Rob Hagopian wrote:
> > > > OK, I've been looking to run ssh2 without encryption to get maximum
> > > > throughput but with secure authentication. However, my tests show that the
> > > > performance speedup isn't as dramatic as I suspected:
> > > >
> > > > For a 587MB file:
> > > > 3des-cbc 3:03
> > > > arcfour 2:10
> > > > none 2:13
> > > >
> > > > ftp 0:57
> > > >
> > > > I checked, compression is off (with it on estimated times were over 5min).
> > > >
> > > > I interpret the above as saying that the cipher does make a difference,
> > > > but when using a sufficiently fast cipher there's overhead in the protocol
> > > > that becomes the bottleneck. Arcfour didn't max out the CPU, nor the disk
> > > > or network I/O, so what could be slowing it down? Thoughts? Suggestions?
> > > >
> > > > -Rob
> > > >
> >
>
>
More information about the openssh-unix-dev
mailing list