Slow connection performance - ssh2

Markus Friedl markus at openbsd.org
Fri Jun 6 00:22:14 EST 2003


On Thu, Jun 05, 2003 at 07:36:21AM -0400, David M. Gibson wrote:
> What does the "bits set" size indicate, is it related to the size of
> key?

this is relative to the key size need for the ciphers you are using.

for smaller symmetric keys, smaller Diffie Hellman groups
are used (e.g. aes128-cbc, blowfish-cbc)

for larger symmetric keys, larger Diffie Hellman groups
are used (e.g. 3des-cbc, aes256-cbc).

the slowdown is because of the DH exchange. You could see
a speedup if you change to a fixed DH group with this
change in myproposal.h, but it's not recommended.

26c26
< #define KEX_DEFAULT_KEX		"diffie-hellman-group-exchange-sha1,diffie-hellman-group1-sha1"
---
> #define KEX_DEFAULT_KEX		"diffie-hellman-group1-sha1"




More information about the openssh-unix-dev mailing list