You are not logged in.
For those using ssh over rsync or just scp to move files around on a LAN, be aware that a number of version 2 ciphers have been disabled in the 6.7p1-1 release of openssh (see release notes) including the following:
3des-cbc
blowfish-cbc
cast128-cbc
arcfour
arcfour128
arcfour256
aes128-cbc
aes192-cbc
aes256-cbc
rijndael-cbc@lysator.liu.se
That leaves the following available:
aes128-ctr
aes192-ctr
aes256-ctr
aes128-gcm@openssh.com
aes256-gcm@openssh.com
chacha20-poly1305@openssh.com
If you have defined any of these ciphers in ~/.ssh/config you should switch to one of the supported ones. Also make the change in any shell script you might be using. The significance of this particularly for older hardware could be much slower transfer speeds. See this thread for a comparison of all version 2 ciphers moving 500 MB files around. The conclusion from this older experiment was that any of the arcfour ciphers provided the fastest transfers on LANs where security was not a concern.
Using a similar script I shared in the linked thread, I tested these supported ciphers an 1100 MB file this time (with 6 replicates) and found that all are more or less the same within error of the experiment on the Ivy or Haswell hardware tested (with the exception of the chacha20-poly1305 cipher that was a tiny bit slower on each). The older Yorkfield (Xeon version of the Q9550) had a harder time keeping up and slightly preferred the aes256-gcm cipher. YMMV.
None of these were CPU-limited using my hardware (sending machine was a Haswell i7-4790k and receiving machines are as indicated in the headers on the plots.
You can benchmark your own hardware with the script below:
Script: https://gist.github.com/graysky2/0e265604bfd4856a2596
Last edited by graysky (2015-11-22 22:16:24)
CPU-optimized Linux-ck packages @ Repo-ck • AUR packages • Zsh and other configs
Offline
Thank you for taking the time to post about this.
Last edited by Pse (2014-10-20 02:55:52)
Offline
* sshd(8): The default set of ciphers and MACs has been altered to
remove unsafe algorithms. In particular, CBC ciphers and arcfour*
are disabled by default.The full set of algorithms remains available if configured
explicitly via the Ciphers and MACs sshd_config options.
you can still enable them if you wish in your system-wide settings
Last edited by HiImTye (2014-10-20 06:30:29)
Offline
Thank you for taking the time to post about this.
You're welcome; glad someone found it of value.
you can still enable them if you wish in your system-wide settings
True but unless you combine them with an IP restriction (LAN only) that would be ill-advised since they were disabled for a reason I edited the first post including the arcfour as a comparison.
Last edited by graysky (2014-10-23 20:24:38)
CPU-optimized Linux-ck packages @ Repo-ck • AUR packages • Zsh and other configs
Offline
Thanks graysky, your results probably depends on specific cpu accelerated functions.
My mileage varies much on a Core2 Duo E7500.
I tried to make a benchmark without involving too much I/O operations.
This one requires sshpass:
#!/bin/bash
user=<username with access to local ssh server>
password=<his password>
port=22
MB=200
export LC_ALL=C
ciphers="3des-cbc aes128-cbc aes192-cbc aes256-cbc aes128-ctr aes192-ctr \
aes256-ctr aes128-gcm@openssh.com aes256-gcm@openssh.com arcfour \
arcfour128 arcfour256 blowfish-cbc cast128-cbc chacha20-poly1305@openssh.com"
#ciphers=$(ssh -Q cipher)
for cipher in $ciphers; do
echo cipher: "$cipher"
dd if=/dev/zero bs=1M count=$MB conv=sync | \
sshpass -p $password ssh -c $cipher -o Compression=no -o Port=$port $user@127.0.0.1 "cat - >/dev/null"
done
And my results:
# nice -n -19 /tmp/ciphers.sh 2>&1|grep 'cipher\|MB'
cipher: 3des-cbc
209715200 bytes (210 MB) copied, 11.0941 s, 18.9 MB/s
cipher: aes128-cbc
209715200 bytes (210 MB) copied, 1.78707 s, 117 MB/s
cipher: aes192-cbc
209715200 bytes (210 MB) copied, 2.14264 s, 97.9 MB/s
cipher: aes256-cbc
209715200 bytes (210 MB) copied, 2.02551 s, 104 MB/s
cipher: aes128-ctr
209715200 bytes (210 MB) copied, 1.70451 s, 123 MB/s
cipher: aes192-ctr
209715200 bytes (210 MB) copied, 1.77964 s, 118 MB/s
cipher: aes256-ctr
209715200 bytes (210 MB) copied, 2.00527 s, 105 MB/s
cipher: aes128-gcm@openssh.com
209715200 bytes (210 MB) copied, 1.99968 s, 105 MB/s
cipher: aes256-gcm@openssh.com
209715200 bytes (210 MB) copied, 2.33376 s, 89.9 MB/s
cipher: arcfour
209715200 bytes (210 MB) copied, 1.51805 s, 138 MB/s
cipher: arcfour128
209715200 bytes (210 MB) copied, 1.43505 s, 146 MB/s
cipher: arcfour256
209715200 bytes (210 MB) copied, 1.41674 s, 148 MB/s
cipher: blowfish-cbc
209715200 bytes (210 MB) copied, 3.21618 s, 65.2 MB/s
cipher: cast128-cbc
209715200 bytes (210 MB) copied, 3.28389 s, 63.9 MB/s
cipher: chacha20-poly1305@openssh.com
209715200 bytes (210 MB) copied, 2.16026 s, 97.1 MB/s
Help me to improve ssh-rdp !
Retroarch User? Try my koko-aio shader !
Offline
Worth noting, that now it is likely a good idea to do make OPENSSL=no in the openssh PKGBUILD as openssl is infested with US subterfuge and NIST "random" seeds, (don't use ECDSA!), but compiling it without lends to niceties like EDDSA and so on ,p
EDIT: Ah, it finished and is not part of the portable options..sigh.
Last edited by solar (2015-02-01 03:27:14)
I am hilariously insane. yup. you won't notice though.. I promise...I think.
Offline
Could someone sum up, please, what is recommended to use instead of disabled arcfour,blowfish-cbc in a usual case?
Offline
The answer to your question is clearly stated in the first post.
CPU-optimized Linux-ck packages @ Repo-ck • AUR packages • Zsh and other configs
Offline
Just runned kokoko3k's script on 3 machines, of which two tiny netbooks that are handy when moving away.
Atom Z520 @ 1.33GHz, none of the left ciphers make it to 7MB/s, that's a 75% drop from Arcfour, which tops out at, well an incredible 23MB/sec
Atom N450 @ 1.66GHz, 3 of them pass 10MB/s (max 15), a 50% drop from arcfour;
On an i3-3220 @ 3.30GHz, 4 allow for over 200 MBc, a 20% drop from arcfour.
indeed CPU does make a difference
@Graysky I like your graph! mind to share how do you ouput that?
EDIT: Tested Z520 has older OpenSSH_5.8p2, OpenSSL1.0.0j-Fips, while N450 runs OpenSSH_7.1p1, OpenSSL 1.0.2d. Dunno about the version difference's impact.
Last edited by kozaki (2015-09-15 00:44:44)
Seeded last month: Arch 50 gig, derivatives 1 gig
Desktop @3.3GHz 8 gig RAM, linux-ck
laptop #1 Atom 2 gig RAM, Arch linux stock i686 (6H w/ 6yrs old battery ) #2: ARM Tegra K1, 4 gig RAM, ChrOS
Atom Z520 2 gig RAM, OMV (Debian 7) kernel 3.16 bpo on SDHC | PGP Key: 0xFF0157D9
Offline
@kozaki - Spotfire dxp
CPU-optimized Linux-ck packages @ Repo-ck • AUR packages • Zsh and other configs
Offline
Thanks! Ah, demos are appealing. Now I don't have that kind of server arround atm
Seeded last month: Arch 50 gig, derivatives 1 gig
Desktop @3.3GHz 8 gig RAM, linux-ck
laptop #1 Atom 2 gig RAM, Arch linux stock i686 (6H w/ 6yrs old battery ) #2: ARM Tegra K1, 4 gig RAM, ChrOS
Atom Z520 2 gig RAM, OMV (Debian 7) kernel 3.16 bpo on SDHC | PGP Key: 0xFF0157D9
Offline
I updated the first post responding some the feedback to explore additional hardware. Indeed, the older machine (Yorkfield in my case) gave a different answer. What's probably more important is sharing the script to test your own hardware if you move a ton of data around your LAN or if you're just OCD like me.
CPU-optimized Linux-ck packages @ Repo-ck • AUR packages • Zsh and other configs
Offline