Problem is that SSH performance is still 10-30x slower with encryption. On a 3.6GHz Intel Penryn with plenty of memory bandwidth [1], we see around 67MB/s - 109MB/s [2]. Moving from 'secret' aes-128-cbc (the default) to 'top-secret' aes-256-cbc (the most secure) is almost free.
Moving from MD5 hashing reduces performance too [3]. --- [1] $ sudo hdparm -T /dev/sda /dev/sda: Timing cached reads: 18030 MB in 2.00 seconds = 9026.75 MB/sec --- [2] $ for c in 3des-cbc aes128-cbc aes192-cbc aes256-cbc aes128-ctr aes192-ctr aes256-ctr arcfour128 arcfour256 arcfour blowfish-cbc cast128-cbc; do echo using cipher $c; ssh -c $c localhost dd if=/dev/zero bs=32k count=10000 >/dev/null; done 3des-cbc 22.6 MB/s aes128-cbc 63.8 MB/s aes192-cbc 67.6 MB/s aes256-cbc 67.4 MB/s aes128-ctr 74.9 MB/s aes192-ctr 73.6 MB/s aes256-ctr 73.3 MB/s arcfour128 109 MB/s arcfour256 108 MB/s arcfour 107 MB/s blowfish-cbc 75.0 MB/s cast128-cbc 62.0 MB/s --- [3] $ for m in hmac-md5 hmac-sha1 umac-64 hmac-ripemd160; do echo using digest $m; ssh -c arcfour128 -m $m localhost dd if=/dev/zero bs=32k count=10000 >/dev/null; done hmac-md5 108 MB/s hmac-sha1 97.9 MB/s hmac-ripemd160 83.0 MB/s -- [rfe] sshd ought to support 'none' cipher https://bugs.launchpad.net/bugs/54180 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
