[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: High Performance SSH/SCP - HPN-SSH

On 7/12/07, Pádraig Brady <P draigbrady com> wrote:
Farkas Levente wrote:
> hi,
> is there any plan to include High Performance SSH/SCP - HPN-SSH into
> fedora's ssh?
> http://www.psc.edu/networking/projects/hpn-ssh/

I noticed that for scp if you disable compression (yes disable),
then transfer rate increases a lot. I looked at it very quickly
and it seemed worse the more the data compressed.
Also Protocol=1 seems much better:

dd bs=1M count=50 if=/dev/zero of=50MB_zeros
dd bs=1M count=50 if=/dev/urandom of=50MB_random

$ scp localhost:50MB_random /tmp
50MB_random                                   100%   50MB  10.0MB/s   00:05

$ scp -C localhost:50MB_random /tmp
50MB_random                                   100%   50MB   4.6MB/s   00:11

$ scp -C localhost:50MB_zeros /tmp
50MB_zeros                                    100%   50MB   2.3MB/s   00:22

#setting Protocol=1 in sshd_config I get the following speed:
$ scp -C localhost:50MB_zeros /tmp #Includes time to type password!
50MB_zeros                                    100%   50MB  12.5MB/s   00:04

If all you care about is speed why use SSH?  Use FTP.  Protocol is has
some flaws that really can't be overcome, hence, the existance of
protocol 2.

When talking about improvements to ssh, chrootssh seems useful:

Also upstream openssh breaks X forwarding in interesting ways
unless -Y is specified (at least fedora fixes this).

Remember that upstream's job is for SSH to be SECURE, not to have all
these bells and whistles.  I asked them about X.509 support,
tab-completion in sftp, Public keys in LDAP, and several other
features and the answer is always, "will it introduce more bugs
specifially in the security space?"  Since they are not sure, they
decide to be cautious.  I actually am kind of surprised the project
hasn't forked into the feature-rich SSH and a stable/secure one
(classic) OpenSSH.


Also scp does full remote login etc.
even if local specified files don't exist

Also scp has weird error messages:
$ scp /etc/fstab localhost:/non_existent/
scp: /non_existent/: Is a directory

Don't get me started...


fedora-devel-list mailing list
fedora-devel-list redhat com

[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]