Problem is that SSH performance is still 10-30x slower with encryption.
On a 3.6GHz Intel Penryn with plenty of memory bandwidth [1], we see
around 67MB/s - 109MB/s [2]. Moving from 'secret' aes-128-cbc (the
default) to 'top-secret' aes-256-cbc (the most secure) is almost free.

Moving from MD5 hashing reduces performance too [3].

--- [1]

$ sudo hdparm -T /dev/sda
/dev/sda:
 Timing cached reads:   18030 MB in  2.00 seconds = 9026.75 MB/sec

--- [2]

$ for c in 3des-cbc aes128-cbc aes192-cbc aes256-cbc aes128-ctr
aes192-ctr aes256-ctr arcfour128 arcfour256 arcfour blowfish-cbc
cast128-cbc; do echo using cipher $c; ssh -c $c localhost dd
if=/dev/zero bs=32k count=10000 >/dev/null; done

3des-cbc                22.6 MB/s
aes128-cbc      63.8 MB/s
aes192-cbc      67.6 MB/s
aes256-cbc      67.4 MB/s
aes128-ctr      74.9 MB/s
aes192-ctr      73.6 MB/s
aes256-ctr      73.3 MB/s
arcfour128      109 MB/s
arcfour256      108 MB/s
arcfour         107 MB/s
blowfish-cbc    75.0 MB/s
cast128-cbc     62.0 MB/s

--- [3]

$ for m in hmac-md5 hmac-sha1 umac-64 hmac-ripemd160; do echo using
digest $m; ssh -c arcfour128 -m $m localhost dd if=/dev/zero bs=32k
count=10000 >/dev/null; done

hmac-md5        108 MB/s
hmac-sha1       97.9 MB/s
hmac-ripemd160  83.0 MB/s

-- 
[rfe] sshd ought to support 'none' cipher
https://bugs.launchpad.net/bugs/54180
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

Reply via email to