ssh vs. rsh speed difference

[SQ]

Question, when going from rsh/rcp to ssh/scp how much does one loose
speed-wise?

I have a client-server application which transfers much data (5-10GB)
via scp and it's taking a long time, between 8-16 hours. It's on
Solaris and using ssh2. But OpenSSH on Linux Advanced Server 2 had the
same time issues.

Could it be because of encryption? The keys are generated for DSA. I
realize blowfish is faster algorithm. How many bits does it encrypt at
a time? How do I turn encryption off in OpenSSH 3.9 to test this
theory?

[Neil W Rickert]

"SQ" <onesta...@yahoo.com> writes:

There are two ways that SSH could reduce speed:

1: the time cost of encryption
2: the extra bits of data sent over the link.

On slower processors, the time cost is noticeable. But it is mainly
noticable during connection setup (where public key encryption is
used). Even on quite slow processors, I have noticed a problem
except on connection setup. The slower processors were still able to
keep up with network throughput, so processing time was not a factor
except during the negotiation stage where the slower public key
methods are being used.

There will often be an increase in data traffic with SSH. This is
partly because there is control information being passed, in addition
to the payload. However, in my experience, the overhead is small.
When using scp between home and office, the transfer speed is close
to the max of my dsl line throughput. If compression is used, you
might even do better than with rsh.

There is one case where I do notice a slowdown. And that is when
using putty for copying. I'm not sure if that is something strange
in putty, something strange in windows (maybe the virus scanning?),
or if there is extra overhead in the use of sftp by putty. When I
copy a file across the net in my office (100 mb/s) using putty, it is
often slower than copying the same file with openssh (scp) from
office to home over a 1.5 mb/s dsl link.

My main point -- before you think about changing the encryption
algorithm, you might want to investigate where the slowdown is
occuring. My guess is that the problem is somewhere else, and not in
the symmetric encryption.

[Richard E. Silverman]

>>>>> "SQ" == SQ <onesta...@yahoo.com> writes:

SQ> I realize blowfish is faster algorithm. How many bits does it
SQ> encrypt at a time? How do I turn encryption off in OpenSSH 3.9 to
SQ> test this theory?

OpenSSH does not allow use of the none cipher in protocol 2, but you can
easily patch it to do so:

================================================================================
--- openssh-3.9p1/cipher.c~ 2004-08-12 12:40:25.000000000 +0000
+++ openssh-3.9p1/cipher.c 2005-07-01 14:51:04.000000000 +0000
@@ -76,7 +76,7 @@
u_int key_len;
const EVP_CIPHER *(*evptype)(void);
} ciphers[] = {
- { "none", SSH_CIPHER_NONE, 8, 0, EVP_enc_null },
+ { "none", SSH_CIPHER_SSH2, 8, 0, EVP_enc_null },
{ "des", SSH_CIPHER_DES, 8, 8, EVP_des_cbc },
{ "3DES", SSH_CIPHER_3DES, 8, 16, evp_SSH1_3DES },
{ "blowfish", SSH_CIPHER_BLOWFISH, 8, 32, evp_SSH1_bf },
================================================================================

--
Richard Silverman
r...@qoxp.net

[Unruh]

"SQ" <onesta...@yahoo.com> writes:

>Question, when going from rsh/rcp to ssh/scp how much does one loose
>speed-wise?

>I have a client-server application which transfers much data (5-10GB)
>via scp and it's taking a long time, between 8-16 hours. It's on
>Solaris and using ssh2. But OpenSSH on Linux Advanced Server 2 had the
>same time issues.

I would use rsync instead. It is fast, but more importantly it only copies
over he stuff that gets changed. Ie, I doubt that you generate 10 GB of
new data a day. Probably only 1MB of that actually is new data.