ssh None cipher
John-Mark Gurney
jmg at funkthat.com
Sun Oct 19 07:46:02 UTC 2014
Freddie Cash wrote this message on Sat, Oct 18, 2014 at 10:21 -0700:
> On Oct 18, 2014 3:54 AM, "Mark Martinec" <Mark.Martinec+freebsd at ijs.si>
> wrote:
> >
> > If the purpose of having a none cipher is to have a fast
> > file transfer, then one should be using sysutils/bbcp
> > for that purposes. Uses ssd for authentication, and
> > opens unencrypted channel(s) for the actual data transfer.
> > It's also very fast, can use multiple TCP streams.
>
> That's an interesting alternative to rsync, scp, and ftp, but doesn't help
> with zfs send/recv which is where the none cipher really shines.
>
> Without the none cipher, SSH becomes the bottleneck limiting transfers to
> around 400 Mbps on a gigabit LAN. With the none cipher, the network becomes
> the bottleneck limiting transfers to around 920 Mbps on the same gigabit
> LAN.
>
> This is between two 8-core AMD Opteron 6200 systems using igb(4) NICs.
Are you running on HEAD or possibly 10.x (I believe we have OpenSSL
1.0.x on 10.x)? w/ modern processors w/ AES-NI and a modern version of
OpenSSL, you should be able to get much faster speeds than that... I'm
able to get ~200MB/s over lo0 on my HEAD box on a:
CPU: AMD A10-5700 APU with Radeon(tm) HD Graphics (3393.89-MHz K8-class CPU)
$ netstat -w 1 -I lo0
input lo0 output
packets errs idrops bytes packets errs bytes colls
39162 0 0 207823548 39162 0 207823548 0
26327 0 0 158674156 26327 0 158674156 0
38254 0 0 221313096 38254 0 221313096 0
41362 0 0 219740344 41362 0 219740344 0
40271 0 0 213565272 40271 0 213565272 0
37698 0 0 225447008 37698 0 225447008 0
while running:
$ ssh 0 dd if=/dev/zero >/dev/null
This is w/ no special patches to OpenSSL or ssh...
It could go twice as fast if ssh could use multiple threads to do the
encryption (the processor has 4 cores, 2 would be used for sending, 2
for receiving)...
--
John-Mark Gurney Voice: +1 415 225 5579
"All that I will do, has been done, All that I have, has not."
More information about the freebsd-current
mailing list