I've compiled SSH 1.2.27 and 2.1.0 on a Sun Ultra 10 and a Compaq XP1000.
In both cases, scp1 runs over twice as fast as scp2 when the same
cipher is used. Here's what I run on the machines (the file atest is a
ufsdump file, about 45 megs):
> scp -c 3des tobe@localhost:/users/tobe/atest /users/tobe/atest2
This gives about 200 kB/s on the Sun.
> scp1 -c 3des tobe@localhost:/users/tobe/atest /users/tobe/atest2
This gives about 600 kB/s on the Sun!
Note that, for some reason, scp2 completely ignores my -c parameter (e.g.
I can do -c boguscipher and it doesn't complain), so I also change Ciphers
in ~/.ssh2/ssh2_config from AnyStdCipher to 3des to get scp2 to use 3des.
I get approximately proportional results with blowfish, and with
transfers from one machine to the other using 3des. (blowfish is faster
than my current max network transfer rate, so I haven't tested that yet,
but I expect to see the same problem).
So my questions are:
Why is ssh2 slower than ssh1? Can I fix this by reconfiguring? In general,
short of allowing 'none' as a cipher, how can I speed up transfer rates
for ssh1 and ssh2? My intended application for ssh is network backup and
I'd prefer to use ssh2 if I can.
Is there a known fix/reconfiguration for scp2 to make it pay attention to
-c?
And lastly, the crypto toolkit performance stats on ssh's web site claim
that twofish is faster than blowfish, but when I test twofish with scp2 it
runs 1/4 to 1/3 slower. Can I do something to get the faster performance
with twofish in ssh that the crypto toolkit advertises?
Thanks in advance for any advice/help. I will be happy to provide
additional information if requested.
- Tobe Hagge
P.S. The ssh web site seems to claim that this list is a good place to ask
these kind of questions, but the statement of purpose that I got when I
subscribed seems to indicate that this list is intended for development of
new features. Kindly let me know if I am asking my questions in the wrong
forum.
