OpenSSH HPN
Aaron Zauner
azet at azet.org
Tue Nov 24 20:29:49 UTC 2015
Hi,
Please forgive my ignorance but what's the reason FreeBSD ships
OpenSSH patched with HPN by default? Besides my passion for
security, I've been working in the HPC sector for a while and
benchmarked the patch for a customer about 1.5 years ago. The
CTR-multi threading patch is actually *slower* than upstream OpenSSH
with AES in CTR mode. GCM being, of course, the fastest mode on
AESNI plattforms.
The NULL mode is a security concern as some have noted, I can only
imagine that the window-scaling patch is of such importance?
Thanks,
Aaron
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 801 bytes
Desc: Digital signature
URL: <http://lists.freebsd.org/pipermail/freebsd-current/attachments/20151124/44b72bb4/attachment.bin>
More information about the freebsd-current
mailing list