HPN-SSH for OpenSSH 6.2
rapier
rapier at psc.edu
Thu Aug 15 07:36:31 EST 2013
Howdy,
It's been a while since I've made an announcement here but I wanted to
mention that we've just released a set of HPN-SSH patches for
OpenSSH6.2. The release marks the first time I've had the resources/help
to actually do anything more than just forward port the patches in quite
a while.
http://www.psc.edu/index.php/hpn-ssh
Items of note:
1) The multithreaded AES-CTR (MT-AES-CTR) cipher now works as expected
in all situations. Previously MT-AES-CTR failed in dynamic forwarding
tests because context with the threads were lost when daemon() was
called. Starting with 6.1 it also failed on the server side with the
introduction of sandboxing by default. Under the rlimit method NPROCS
being set to zero precluded the possibility of threads being started in
in privsep. This issue has been resolved by swapping the pointer for the
AES CTR cipher from the nonthreaded AES-CTR cipher to MT-AES-CTR after
authentication and then forcing a rekey. Throughput improvements of more
than 50% were seen on test systems. MT-AES-CTR is cipherstream
compatible with the default implementation.
2) In order to reduce the complexity of the patch sets I've finally
stripped the postauth NONE cipher switching from the patchsets. It's now
a standalone patch.
Thanks for your time!
Chris Rapier
More information about the openssh-unix-dev
mailing list