Re: SSH and gigabit NICs
Gustavo De Nardin wrote: On 07/07/05, Alex Zbyslaw [EMAIL PROTECTED] wrote: Does anyone have a clue what might be going on? Dunno, but you might take a look at /usr/ports/security/hpn-ssh/: Thanks for the tip. Will have a look as soon as I get the time to play again :-( Does anyone know if/how the none Cipher is really available? I need ssh only for authentication when transfering backups, and encryption makes a difference in transfer speed on slow machines... I'm in the same boat! If you find out about none then please let us know. If the code for a none cypher really is there, then it may be straightforward to turn it on. Then again, there may be a good reason why it *isn't* turned on. Might be worth asking on an ssh mailing list about this one... will be looking for one as soon as I get the time to play again :-( (Damn, I hates work; sigh). --Alex ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: SSH and gigabit NICs
Gustavo De Nardin wrote: On 07/07/05, Alex Zbyslaw [EMAIL PROTECTED] wrote: Does anyone have a clue what might be going on? Dunno, but you might take a look at /usr/ports/security/hpn-ssh/: WWW: http://www.psc.edu/networking/projects/hpn-ssh/ Actually, this also seems to add support for a none cipher. See the bottom of the page at the URL above. --Alex ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: SSH and gigabit NICs
Deyan Dyankov wrote: I'm not sure that this is the problem, but ..keep in mind, that ssh encrypts the data and ftp doesn't. The delay might be actually the time for encryption, right? Yes, this is a possibility, and I'll revisit it tonight. I thought I'd looked at the CPU usage during transfer, but I should do so again. It still seems strange to me that SSH got slower over Gigabit. It it had just not gotten faster, then the encryption would be the obvious culprit, but to get slower... Unfortunately there seems to be no way to turn off the encryption for SSH, which would be the easiest test. Thanks for the suggestion, --Alex ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: SSH and gigabit NICs
On 08/07/05, Alex Zbyslaw [EMAIL PROTECTED] wrote: Unfortunately there seems to be no way to turn off the encryption for SSH, which would be the easiest test. Well, looking at /usr/src/crypto/openssh/cipher.c, there is a none in struct Cipher. But specifying 'none' in Ciphers in sshd_config, I get Bad SSH2 cipher spec 'none'. trying to start sshd. Does anyone know if/how the none Cipher is really available? I need ssh only for authentication when transfering backups, and encryption makes a difference in transfer speed on slow machines... -- (nil) ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: SSH and gigabit NICs
On 07/07/05, Alex Zbyslaw [EMAIL PROTECTED] wrote: Does anyone have a clue what might be going on? Dunno, but you might take a look at /usr/ports/security/hpn-ssh/: --- pkg-descr --- High Performance Enabled SSH/SCP from the Pittsburgh Supercomputing Center hpn-ssh is a version of OpenSSH modified to support high-performance bulk transfers (such as with scp or rsync). These modifications are required because: SCP and the underlying SSH protocol is network performance limited by statically defined internal flow control buffers. These buffers often end up acting as a brake on the network throughput of SCP especially on long and wide paths. Modifying the ssh code to allow the flow control buffers to be defined at run time eliminates this bottleneck. WWW: http://www.psc.edu/networking/projects/hpn-ssh/ -- (nil) ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]