Optional 'test' or benchmark cipher

Daniel Kahn Gillmor dkg-openssh.com at fifthhorseman.net
Thu Jan 17 16:20:14 EST 2008

On Wed 2008-01-16 20:47:02 -0500, Linda Walsh wrote:

> I want to test it both ways. How can I easily tell what is due to my
> network's speed, 

You should be able see what your network is capable of with dd and
netcat.  On $HOST_A:

  nc -l -p 12345 | dd of=/dev/null

and on $HOST_B:

  dd if=/dev/zero | nc $HOST_A 12345

That sets a good baseline for what's possible, since it benchmarks the
TCP/IP and link layer relatively cleanly.

> the SSH protocol

When you are testing your ssh throughput, you should also watch your
system's statistics (vmstat is a good tool for this on Linux) to see
what's hitting a bottleneck.  Is your CPU working solidly?  Are you
swapping?  Are you I/O bound?  See a recent thread "how to test the
performance of modified openssh" on this list for some examples:


> or even the implementation?

If you want to distinguish between different implementations, you
should set up different ssh daemons and clients on identical hosts,
using the same authentication strategies and configurations, and
benchmark comparisons between the different toolsets.  For free
software choices on unix-y systems, you might consider lsh, dropbear,
mindterm (free for personal use), and putty in addition to OpenSSH.
The various combinations of clients and servers could have an effect
also.  Could be a lot to test, even without getting to the non-free
alternatives, but it would be a worthwhile comparison.

Please post a link to any findings you come up with.  I'm sure many
people on this list (ok, at least myself) will be interested.

-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 826 bytes
Desc: not available
Url : http://lists.mindrot.org/pipermail/openssh-unix-dev/attachments/20080117/4fc35041/attachment.bin 

More information about the openssh-unix-dev mailing list