how to test the performance of modified openssh

Chris Rapier rapier at
Sat Jan 12 07:36:44 EST 2008

Ben Lindstrom wrote:
> The only performance testing I've ever seen was a "max transfer rate" 
> test. 

This is the tests we most commonly use when developing HPN-SSH. We're 
actually in the process of developing some methods to test application 
layer latency though.

> Which lead to deciding the encryption order and discussions about 
> v2 vs v1 preformance differences.  Along with Internet2 testing to find a 
> better way of gaining preformance on massive pipes.
> In both cases I believe the test was pretty much a "dd if=/dev/urandom .. 
> | ssh '| cat /dev/null'" style testing or transferring of real data. 
> Timing the time it takes to move XX amount of data then doing the math.

I also use Iperf over a SSH tunnel to do tests. It can give you some 
useful options (mutliple streams, different RWINs, MSS, and multiple 
streasm, disable nagle, etc) and statistics (1sec avgs, etc). 
Unfortunately, it uncovered an odd situation with the HPN-SSH code 
though that I'm still trying to resolve (the window doesn't grow. :\).

> I don't believe anyone has done any testing on the cost of 
> authentication.  Truth of the matter is if it is near instance I doubt 
> anyone really cares (I sure never have =).

I care! :) Not a whole lot because we generally see the authentication 
process as sunk cost. It matters a lot on low bandwidth long delay 
connections involving small transfers. Its more difficult to amortize 
the cost of authentication in those instances.

> But if you want to test authentication cost a simple "time ssh site 
> /bin/true" I'm sure would be close enough.. This isn't a realtime event 
> so what is a few microseconds between friends. =)  However, to get true 
> stats you may want to disable hashing and encryption.

In this situation one could also use tcpdumps and look at the packet timing.

More information about the openssh-unix-dev mailing list