Re: OpenSSH HPN

[Brooks Davis]

On Tue, Nov 24, 2015 at 09:29:44PM +0100, Aaron Zauner wrote:
> Hi,
> 
> Please forgive my ignorance but what's the reason FreeBSD ships
> OpenSSH patched with HPN by default? Besides my passion for
> security, I've been working in the HPC sector for a while and
> benchmarked the patch for a customer about 1.5 years ago. The
> CTR-multi threading patch is actually *slower* than upstream OpenSSH
> with AES in CTR mode. GCM being, of course, the fastest mode on
> AESNI plattforms.

We never imported the AES bits as they were broken and AESNI was
available.

> The NULL mode is a security concern as some have noted, I can only
> imagine that the window-scaling patch is of such importance?

Both NULL and window-scaling were merged because both are useful in some
environments.

-- Brooks


signature.asc
Description: PGP signature

Re: OpenSSH HPN

[Julian Elischer]

On 1/12/2015 3:23 AM, Brooks Davis wrote:

On Tue, Nov 24, 2015 at 09:29:44PM +0100, Aaron Zauner wrote:

Hi,

Please forgive my ignorance but what's the reason FreeBSD ships
OpenSSH patched with HPN by default? Besides my passion for
security, I've been working in the HPC sector for a while and
benchmarked the patch for a customer about 1.5 years ago. The
CTR-multi threading patch is actually *slower* than upstream OpenSSH
with AES in CTR mode. GCM being, of course, the fastest mode on
AESNI plattforms.

We never imported the AES bits as they were broken and AESNI was
available.


The NULL mode is a security concern as some have noted, I can only
imagine that the window-scaling patch is of such importance?

Both NULL and window-scaling were merged because both are useful in some
environments.

yeah but Null was just unmerged.
window scaling is also on the block I think


-- Brooks


___
freebsd-current@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-current
To unsubscribe, send any mail to "freebsd-current-unsubscr...@freebsd.org"

Re: OpenSSH HPN

[Aaron Zauner]

Hi,

Please forgive my ignorance but what's the reason FreeBSD ships
OpenSSH patched with HPN by default? Besides my passion for
security, I've been working in the HPC sector for a while and
benchmarked the patch for a customer about 1.5 years ago. The
CTR-multi threading patch is actually *slower* than upstream OpenSSH
with AES in CTR mode. GCM being, of course, the fastest mode on
AESNI plattforms.

The NULL mode is a security concern as some have noted, I can only
imagine that the window-scaling patch is of such importance?

Thanks,
Aaron


signature.asc
Description: Digital signature

Re: OpenSSH HPN

[Allan Jude]

On 2015-11-14 02:47, John-Mark Gurney wrote:
> Allan Jude wrote this message on Thu, Nov 12, 2015 at 17:57 -0500:
>> On 2015-11-12 12:56, John-Mark Gurney wrote:
>>> Allan Jude wrote this message on Thu, Nov 12, 2015 at 12:15 -0500:
 On 2015-11-11 19:06, Slawa Olhovchenkov wrote:
> On Wed, Nov 11, 2015 at 01:32:27PM -0800, Bryan Drewery wrote:
>
>> On 11/10/2015 1:42 AM, Dag-Erling Smørgrav wrote:
>>>  I would also like to remove the NONE cipher
>>> patch, which is also available in the port (off by default, just like in
>>> base).
>>
>> Fun fact, it's been broken in the port for several months with no
>> complaints. It was just reported and fixed upstream in the last day and
>> I wrote in a similar fix in the port. That speaks a lot about its usage
>> in the port currently.
>
> I am try using NPH/NONE with base ssh and confused: don't see
> performance rise, too complex to enable and too complex for use.

 I did a few quick (and dirty) benchmarks and it shows that the NONE
 cipher definitely makes a difference. Version of OpenSSL also seems to
 make a difference, as one might expect.

 Note: openssh from ports seems to link against both base and ports
 libcrypto, I am still trying to make sure this isn't corrupting my
 benchmark results.
>>>
>>> You don't need the aesni.ko module loaded for OpenSSL (which is how
>>> OpenSSH uses most crypto algos) to use AES-NI..
>>>
>>> Also, do you set any sysctl's to play w/ the buffer sizes or anything?
>>>
 I am still debugging my dummynet setup to be able to prove that HPN
 makes a difference (but it does).
>>>
>>> Does my example on the page not work for you?
>>>
 https://wiki.freebsd.org/SSHPerf
>>>
>>
>> I found that when I set even 5ms of delay with dummynet, bandwidth over
>> the LAN drops more than it should. Dummynet is limiting the rate rather
>> than just adding the delay. I am investigating.
>>
>> I found this document:
>> http://www.cs.unc.edu/~jeffay/dirt/FAQ/hstcp-howto.pdf
>>
>> Which is from the 6.x era, but suggests:
>>
>> "One subtle bug exists in the stock Dummynet implementation that should
>> be corrected for experiments.  When a packet arrives in dummynet it is
>> shoved into a queue which limits the bandwidth a TCP flow may use. Upon
>> exit from the queue, the packet is transferred to a pipe where it sits
>> for any configured amount of delay time and might possibly be dropped
>> depending on the loss probability. Once the delay time has passed, the
>> packet is released to ip output."
>>
>> May be the cause of my problem
> 
> Ahhh, probably need to adjust:
> net.inet.ip.dummynet.pipe_byte_limit: 1048576
> net.inet.ip.dummynet.pipe_slot_limit: 100
> 
> But even w/ the above limits and 5ms, you should still be able to push
> 200MB/sec...
> 

I worked with Hiren and some of his dtrace magic and figured out that
dummynet was not my issue. I didn't end up needing to change the
dummynet pipe slot/byte limit in order to get the full 10gig/sec even
with 100ms delay from dummynet.

You just need to adjust:

net.inet.tcp.sendbuf_max=BDP
net.inet.tcp.recvbuf_max=BDP

kern.ipc.maxsockbuf= ( BDP * (2048+256) ) / 2048

for a 50ms RTT:

BDP = 10gbps * .05 = ~60mb


It can also greatly help to increase:
net.inet.tcp.abc_l_var

Which is how many additional segments the CWNDs is incremented by each
RTT during slow-start.


I am still working on my set of benchmarks to show what different HPN
makes with different RTT values, as well as what might be required to
achieve max throughput for SSH over both LAN and the internet.

(For my company, we regularly transmit 500GB ZFS datasets over the
public internet on 1gbps or 2x1gbps connections)

-- 
Allan Jude



signature.asc
Description: OpenPGP digital signature

Re: OpenSSH HPN

[John-Mark Gurney]

Ok, some new testing... nc w/ 8MB sockbuf and {send,recv}buf_max can
get over 50MB/sec using nc and a 100ms RTT..  Guess it's a good day...

The hickups that I see look to be a buffer overrun on the tap or bridge
interface, as I did see some errors, and on the sender side, the TCP
protocol stats showed some retransmits..

A quick recap of the info below at 50ms RTT:
server
client  HEAD w/ HPN stock 7.1p1
HEAD w/ HPN 1MB/sec 6.5MB/sec
stock 7.1p1 2MB/sec 7MB/sec

TL;DR: HPN patches hurt no matter how you look at things...

client HEAD w/ HPN, the tcpwinsz is always 66608
the server HEAD w/ HPN, the rcvd adjust is always 49152
the server stock 7.1p1, the rcvd adjust is always 131072

client HPN:
OpenSSH_6.6.1p1, OpenSSL 1.0.1m-freebsd 19 Mar 2015

client stock:
OpenSSH_7.1p1, OpenSSL 1.0.1m-freebsd 19 Mar 2015

server HPN:
OpenSSH_6.6.1p1, OpenSSL 1.0.1o-freebsd 12 Jun 2015

server stock:
OpenSSH_7.1p1, OpenSSL 1.0.1o-freebsd 12 Jun 2015

All tests below were done w/ a 25ms pipe delay, resulting in a 50ms
RTT...

Baseline nc results in ~55MB/sec, but this is cpu limited by bhyve...
The dual stock 7.1p is only using about a quarter of the cpu, so not
at all cpu limited...

Proto Recv-Q Send-Q Local Address  Foreign AddressR-MBUF S-MBUF 
R-CLUS S-CLUS R-HIWA S-HIWA R-LOWA S-LOWA R-BCNT S-BCNT R-BMAX S-BMAX   rexmt 
persistkeep2msl  delack rcvtime
tcp4   0 2851352 192.168.0.21.44972 192.168.0.50.3845   0   
1052  0   1043  66608 2851352  1   2048  0 4262912 532864 8388608   
 0.260.00 7199.990.000.000.00

I forgot about -vvv...  So, w/ HEAD ssh (w/ HPN) on both sides, the
transmitter, I see lots of:
debug2: channel 0: rcvd adjust 49152
debug2: tcpwinsz: 66608 for connection: 3
debug2: tcpwinsz: 66608 for connection: 3
debug2: tcpwinsz: 66608 for connection: 3
debug2: tcpwinsz: 66608 for connection: 3
debug2: tcpwinsz: 66608 for connection: 3

And the send-q is 49312:
Proto Recv-Q Send-Q Local Address  Foreign AddressR-MBUF S-MBUF 
R-CLUS S-CLUS R-HIWA S-HIWA R-LOWA S-LOWA R-BCNT S-BCNT R-BMAX S-BMAX   rexmt 
persistkeep2msl  delack rcvtime
tcp4   0  49312 192.168.0.21.51135 192.168.0.50.22 0 15 
 0 13  66608  98840  1   2048  0  55040 532864 7907200.21   
 0.00 7199.950.000.000.04

And adjusting the delay to 0 shows ssh getting 50MB/sec, so it should
be possible...  adjusting the delay shows a linear change in bandwidth
(200ms -> 500KB/sec, 100ms -> 1MB/sec, 50ms -> 2MB/sec), so looks like
ssh is artifically limitting the window...

If I run w/ stock, compiled from source, OpenSSH 7.1p1 on the server
side (receiver side) and HEAD ssh on client side, I get ~6.5MB/sec..
w/ -vvv I see:
debug2: channel 0: rcvd adjust 131072
debug2: tcpwinsz: 66608 for connection: 3
debug2: tcpwinsz: 66608 for connection: 3
debug2: tcpwinsz: 66608 for connection: 3
[this line repeated tons of times]

In this case, I do see the send-q stay at around 229912:
Proto Recv-Q Send-Q Local Address  Foreign AddressR-MBUF S-MBUF 
R-CLUS S-CLUS R-HIWA S-HIWA R-LOWA S-LOWA R-BCNT S-BCNT R-BMAX S-BMAX   rexmt 
persistkeep2msl  delack rcvtime
tcp4   0 229912 192.168.0.21.55975 192.168.0.50.22 0 77 
 0 77  66608 229912  1   2048  0 316672 532864 18392960.24  
  0.00 7199.990.000.000.00

With compiled from source, OpenSSH 7.1.p1 on both sides, I get around
7MB/sec and -vvv gives:
debug2: channel 0: rcvd adjust 131072

And the send-q stays around 229912:
Proto Recv-Q Send-Q Local Address  Foreign AddressR-MBUF S-MBUF 
R-CLUS S-CLUS R-HIWA S-HIWA R-LOWA S-LOWA R-BCNT S-BCNT R-BMAX S-BMAX   rexmt 
persistkeep2msl  delack rcvtime
tcp4   0 229912 192.168.0.21.10699 192.168.0.50.22 0 80 
 0 80  66608 229912  1   2048  0 339968 532864 18392960.25  
  0.00 7199.990.000.000.00

With compiled from source on the client, and HEAD OpenSSH w/ HPN on
the server side, 2MB/sec, -vvv shows:
debug2: channel 0: rcvd adjust 49152

and the send-q stays around 49296:
Proto Recv-Q Send-Q Local Address  Foreign AddressR-MBUF S-MBUF 
R-CLUS S-CLUS R-HIWA S-HIWA R-LOWA S-LOWA R-BCNT S-BCNT R-BMAX S-BMAX   rexmt 
persistkeep2msl  delack rcvtime
tcp4   0  49296 192.168.0.21.43918 192.168.0.50.22 0 15 
 0 13  66608  98840  1   2048  0  55040 532864 7907200.20   
 0.00 7199.950.000.000.04

/etc/ssh/ssh{,d}_config are all stock (except PermitRootLogin is yes
on the VM), and the client side's .ssh/config only contains a single
commented out line...

P.S. I've had two panics on the dummynet box (running nc) the last being:
Fatal trap 9: general protection fault while in kernel mode
cpuid = 0; apic id = 00
instruction pointer = 

Re: OpenSSH HPN

[John-Mark Gurney]

Allan Jude wrote this message on Sat, Nov 14, 2015 at 11:53 -0500:
> On 2015-11-14 02:47, John-Mark Gurney wrote:
> > Allan Jude wrote this message on Thu, Nov 12, 2015 at 17:57 -0500:
> >> On 2015-11-12 12:56, John-Mark Gurney wrote:
> >>> Allan Jude wrote this message on Thu, Nov 12, 2015 at 12:15 -0500:
>  On 2015-11-11 19:06, Slawa Olhovchenkov wrote:
> > On Wed, Nov 11, 2015 at 01:32:27PM -0800, Bryan Drewery wrote:
> >
> >> On 11/10/2015 1:42 AM, Dag-Erling Smørgrav wrote:
> >>>  I would also like to remove the NONE cipher
> >>> patch, which is also available in the port (off by default, just like 
> >>> in
> >>> base).
> >>
> >> Fun fact, it's been broken in the port for several months with no
> >> complaints. It was just reported and fixed upstream in the last day and
> >> I wrote in a similar fix in the port. That speaks a lot about its usage
> >> in the port currently.
> >
> > I am try using NPH/NONE with base ssh and confused: don't see
> > performance rise, too complex to enable and too complex for use.
> 
>  I did a few quick (and dirty) benchmarks and it shows that the NONE
>  cipher definitely makes a difference. Version of OpenSSL also seems to
>  make a difference, as one might expect.
> 
>  Note: openssh from ports seems to link against both base and ports
>  libcrypto, I am still trying to make sure this isn't corrupting my
>  benchmark results.
> >>>
> >>> You don't need the aesni.ko module loaded for OpenSSL (which is how
> >>> OpenSSH uses most crypto algos) to use AES-NI..
> >>>
> >>> Also, do you set any sysctl's to play w/ the buffer sizes or anything?
> >>>
>  I am still debugging my dummynet setup to be able to prove that HPN
>  makes a difference (but it does).
> >>>
> >>> Does my example on the page not work for you?
> >>>
>  https://wiki.freebsd.org/SSHPerf
> >>>
> >>
> >> I found that when I set even 5ms of delay with dummynet, bandwidth over
> >> the LAN drops more than it should. Dummynet is limiting the rate rather
> >> than just adding the delay. I am investigating.
> >>
> >> I found this document:
> >> http://www.cs.unc.edu/~jeffay/dirt/FAQ/hstcp-howto.pdf
> >>
> >> Which is from the 6.x era, but suggests:
> >>
> >> "One subtle bug exists in the stock Dummynet implementation that should
> >> be corrected for experiments.  When a packet arrives in dummynet it is
> >> shoved into a queue which limits the bandwidth a TCP flow may use. Upon
> >> exit from the queue, the packet is transferred to a pipe where it sits
> >> for any configured amount of delay time and might possibly be dropped
> >> depending on the loss probability. Once the delay time has passed, the
> >> packet is released to ip output."
> >>
> >> May be the cause of my problem
> > 
> > Ahhh, probably need to adjust:
> > net.inet.ip.dummynet.pipe_byte_limit: 1048576
> > net.inet.ip.dummynet.pipe_slot_limit: 100
> > 
> > But even w/ the above limits and 5ms, you should still be able to push
> > 200MB/sec...
> 
> I worked with Hiren and some of his dtrace magic and figured out that
> dummynet was not my issue. I didn't end up needing to change the
> dummynet pipe slot/byte limit in order to get the full 10gig/sec even
> with 100ms delay from dummynet.
> 
> You just need to adjust:
> 
> net.inet.tcp.sendbuf_max=BDP
> net.inet.tcp.recvbuf_max=BDP
> 
> kern.ipc.maxsockbuf= ( BDP * (2048+256) ) / 2048
> 
> for a 50ms RTT:
> 
> BDP = 10gbps * .05 = ~60mb

I forgot to include _max adjustments on the page (the maxsockbuf was
there), but in all of my tests, I can't get close to that..  In my case,
I can demonstrate 20MB/sec+ over the link, and w/ a 100ms RTT, that'd
be a 2MB buffer size, and even when I increase these to 8MB, and
increase kern.ipc.maxsockbuf to 8MB too (otherwise _max is
meaningless), I still get 1.5MB/sec, not even close...

I do notice w/ nc that it'll slowly increase, and then suddenly back
off, just to closely increase again... I wonder if there is some issue
w/ TSO or tap that is causing issues...

> It can also greatly help to increase:
> net.inet.tcp.abc_l_var
> 
> Which is how many additional segments the CWNDs is incremented by each
> RTT during slow-start.
> 
> 
> I am still working on my set of benchmarks to show what different HPN
> makes with different RTT values, as well as what might be required to
> achieve max throughput for SSH over both LAN and the internet.
> 
> (For my company, we regularly transmit 500GB ZFS datasets over the
> public internet on 1gbps or 2x1gbps connections)

-- 
  John-Mark Gurney  Voice: +1 415 225 5579

 "All that I will do, has been done, All that I have, has not."
___
freebsd-current@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-current
To unsubscribe, send any mail to "freebsd-current-unsubscr...@freebsd.org"

Re: OpenSSH HPN

[John-Mark Gurney]

Allan Jude wrote this message on Thu, Nov 12, 2015 at 17:57 -0500:
> On 2015-11-12 12:56, John-Mark Gurney wrote:
> > Allan Jude wrote this message on Thu, Nov 12, 2015 at 12:15 -0500:
> >> On 2015-11-11 19:06, Slawa Olhovchenkov wrote:
> >>> On Wed, Nov 11, 2015 at 01:32:27PM -0800, Bryan Drewery wrote:
> >>>
>  On 11/10/2015 1:42 AM, Dag-Erling Smørgrav wrote:
> >  I would also like to remove the NONE cipher
> > patch, which is also available in the port (off by default, just like in
> > base).
> 
>  Fun fact, it's been broken in the port for several months with no
>  complaints. It was just reported and fixed upstream in the last day and
>  I wrote in a similar fix in the port. That speaks a lot about its usage
>  in the port currently.
> >>>
> >>> I am try using NPH/NONE with base ssh and confused: don't see
> >>> performance rise, too complex to enable and too complex for use.
> >>
> >> I did a few quick (and dirty) benchmarks and it shows that the NONE
> >> cipher definitely makes a difference. Version of OpenSSL also seems to
> >> make a difference, as one might expect.
> >>
> >> Note: openssh from ports seems to link against both base and ports
> >> libcrypto, I am still trying to make sure this isn't corrupting my
> >> benchmark results.
> > 
> > You don't need the aesni.ko module loaded for OpenSSL (which is how
> > OpenSSH uses most crypto algos) to use AES-NI..
> > 
> > Also, do you set any sysctl's to play w/ the buffer sizes or anything?
> > 
> >> I am still debugging my dummynet setup to be able to prove that HPN
> >> makes a difference (but it does).
> > 
> > Does my example on the page not work for you?
> > 
> >> https://wiki.freebsd.org/SSHPerf
> > 
> 
> I found that when I set even 5ms of delay with dummynet, bandwidth over
> the LAN drops more than it should. Dummynet is limiting the rate rather
> than just adding the delay. I am investigating.
> 
> I found this document:
> http://www.cs.unc.edu/~jeffay/dirt/FAQ/hstcp-howto.pdf
> 
> Which is from the 6.x era, but suggests:
> 
> "One subtle bug exists in the stock Dummynet implementation that should
> be corrected for experiments.  When a packet arrives in dummynet it is
> shoved into a queue which limits the bandwidth a TCP flow may use. Upon
> exit from the queue, the packet is transferred to a pipe where it sits
> for any configured amount of delay time and might possibly be dropped
> depending on the loss probability. Once the delay time has passed, the
> packet is released to ip output."
> 
> May be the cause of my problem

Ahhh, probably need to adjust:
net.inet.ip.dummynet.pipe_byte_limit: 1048576
net.inet.ip.dummynet.pipe_slot_limit: 100

But even w/ the above limits and 5ms, you should still be able to push
200MB/sec...

-- 
  John-Mark Gurney  Voice: +1 415 225 5579

 "All that I will do, has been done, All that I have, has not."
___
freebsd-current@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-current
To unsubscribe, send any mail to "freebsd-current-unsubscr...@freebsd.org"

Re: OpenSSH HPN

[Dag-Erling Smørgrav]

Bryan Drewery  writes:
> It's harder to maintain the port version due to how the patches are
> applied and generated.

I have the diametrically opposite experience.  The workflow for ports is
significantly simpler than for base.  Perhaps I should set up a paralell
workflow for OpenSSH and apply the output of that workflow to the source
tree instead of working entirely within the source tree.

DES
-- 
Dag-Erling Smørgrav - d...@des.no
___
freebsd-current@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-current
To unsubscribe, send any mail to "freebsd-current-unsubscr...@freebsd.org"

Re: OpenSSH HPN

[Allan Jude]

On 2015-11-12 12:56, John-Mark Gurney wrote:
> Allan Jude wrote this message on Thu, Nov 12, 2015 at 12:15 -0500:
>> On 2015-11-11 19:06, Slawa Olhovchenkov wrote:
>>> On Wed, Nov 11, 2015 at 01:32:27PM -0800, Bryan Drewery wrote:
>>>
 On 11/10/2015 1:42 AM, Dag-Erling Smørgrav wrote:
>  I would also like to remove the NONE cipher
> patch, which is also available in the port (off by default, just like in
> base).

 Fun fact, it's been broken in the port for several months with no
 complaints. It was just reported and fixed upstream in the last day and
 I wrote in a similar fix in the port. That speaks a lot about its usage
 in the port currently.
>>>
>>> I am try using NPH/NONE with base ssh and confused: don't see
>>> performance rise, too complex to enable and too complex for use.
>>
>> I did a few quick (and dirty) benchmarks and it shows that the NONE
>> cipher definitely makes a difference. Version of OpenSSL also seems to
>> make a difference, as one might expect.
>>
>> Note: openssh from ports seems to link against both base and ports
>> libcrypto, I am still trying to make sure this isn't corrupting my
>> benchmark results.
> 
> You don't need the aesni.ko module loaded for OpenSSL (which is how
> OpenSSH uses most crypto algos) to use AES-NI..
> 
> Also, do you set any sysctl's to play w/ the buffer sizes or anything?
> 
>> I am still debugging my dummynet setup to be able to prove that HPN
>> makes a difference (but it does).
> 
> Does my example on the page not work for you?
> 
>> https://wiki.freebsd.org/SSHPerf
> 

I found that when I set even 5ms of delay with dummynet, bandwidth over
the LAN drops more than it should. Dummynet is limiting the rate rather
than just adding the delay. I am investigating.

I found this document:
http://www.cs.unc.edu/~jeffay/dirt/FAQ/hstcp-howto.pdf

Which is from the 6.x era, but suggests:

"One subtle bug exists in the stock Dummynet implementation that should
be corrected for experiments.  When a packet arrives in dummynet it is
shoved into a queue which limits the bandwidth a TCP flow may use. Upon
exit from the queue, the packet is transferred to a pipe where it sits
for any configured amount of delay time and might possibly be dropped
depending on the loss probability. Once the delay time has passed, the
packet is released to ip output."

May be the cause of my problem

-- 
Allan Jude



signature.asc
Description: OpenPGP digital signature

Re: OpenSSH HPN

[Benjamin Kaduk]

On Thu, 12 Nov 2015, Dewayne Geraghty wrote:

> Heimdal is (and has been for some time) undergoing constant development.
> For reasons unknown, they do not perform releases.  I am aware of updates
> from heimdal that are being applied to the samba project (in fact some of
> the samba developers are also feeding into heimdal).  The latest discussion
> was that the heimdal project are going to release a 1.7 "sometime",
> skipping 1.6 completely.

Things seem to have slowed down a lot since the lead Heimdal developer got
hired for Apple.  They have Apple-internal changes that don't necessarily
make their way back to the public project right away, and he is quite
busy.  There is no one who is employed to be a Heimdal release manager,
and the main developers all have other projects -- putting out a release
takes a fair bit of energy.  MIT employs developers whose job descriptions
include being the krb5 release manager, so there is financial support for
putting out regular releases.

Heimdal has changed plans to a 1.7 release because certain Linux
distributions packaged a snapshot of the 1.6 tree (to support Samba, as I
understand it), but then Heimdal development continued so that what would
be in the next release would not really reflect what was already deployed
using the 1.6 label.  As I understand it, there are still a couple
bugfixes/features that are considered to be blockers for the 1.7 release
that have not been implemented yet, and since the developers in question
are being paid to work on other things, there is no real timeline for the
release.


-Ben Kaduk

___
freebsd-current@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-current
To unsubscribe, send any mail to "freebsd-current-unsubscr...@freebsd.org"

Re: OpenSSH HPN

[Julian Elischer]

On 11/12/15 3:28 AM, Brooks Davis wrote:

On Tue, Nov 10, 2015 at 04:40:42PM -0800, Bryan Drewery wrote:

On 11/10/15 1:42 AM, Dag-Erling Sm??rgrav wrote:

Some of you may have noticed that OpenSSH in base is lagging far behind
the upstream code.

The main reason for this is the burden of maintaining the HPN patches.
They are extensive, very intrusive, and touch parts of the OpenSSH code
that change significantly in every release.  Since they are not
regularly updated, I have to choose between trying to resolve the
conflicts myself (hoping I don't break anything) or waiting for them to
catch up and then figuring out how to apply the new version.

Therefore, I would like to remove the HPN patches from base and refer
anyone who really needs them to the openssh-portable port, which has
them as a default option.  I would also like to remove the NONE cipher
patch, which is also available in the port (off by default, just like in
base).

I had this same problem as well, but have since reworked the HPN patch
for ports to be more easily maintained.  I've considered offering or
just updating the base SSH, but have not since we have random changes in
the HPN functionality in base that would be lost.  We for some reason
decided we were going to maintain our own version and not even upstream
the changes to the HPN authors which has contributed to this situation.

We had ever intention of upstreaming our cleaned up HPN patches and some
interest from OpenSSH devs to take the window scaling portion of the
patch upstream, but other things intruded and we never found time to
complete that work.  I think both the window scaling and NONE cipher
changes are useful, but do not have time to do anything with them.  I'm
fine with them being removed from base and replaced or just dropped if
they are in the way of progress.


it would be nice if the outcome of this thread was that HPN patches 
(or something equivalent) were available by default in OpenSSH.

WE also have our own patch we add to give a NODELAY option.
It made a huge difference with tunnels where lots of small RPC packets 
were being sent.

I'll look at getting it into upstream.




-- Brooks


___
freebsd-current@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-current
To unsubscribe, send any mail to "freebsd-current-unsubscr...@freebsd.org"

Re: OpenSSH HPN

[Dag-Erling Smørgrav]

Benjamin Kaduk  writes:
> Things seem to have slowed down a lot since the lead Heimdal developer
> got hired for Apple.  [...]  MIT employs developers whose job
> descriptions include being the krb5 release manager [...]  Heimdal has
> changed plans to a 1.7 release [...] and since the developers in
> question are being paid to work on other things, there is no real
> timeline for the release.

Given this state of affairs, it might not be unreasonable to consider
switching back for 11.  There should be enough time, provided our
Kerberos maintainers have some spare cycles.

DES
-- 
Dag-Erling Smørgrav - d...@des.no
___
freebsd-current@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-current
To unsubscribe, send any mail to "freebsd-current-unsubscr...@freebsd.org"

Re: OpenSSH HPN

[Dewayne Geraghty]

Slawa,
Heimdal is (and has been for some time) undergoing constant development.
For reasons unknown, they do not perform releases.  I am aware of updates
from heimdal that are being applied to the samba project (in fact some of
the samba developers are also feeding into heimdal).  The latest discussion
was that the heimdal project are going to release a 1.7 "sometime",
skipping 1.6 completely.

Des - good to make your intentions public.  I've enjoyed your youtube
presentations and recognise that your time will be better spent.  ( better
authentication perhaps ;) )

Bryan - is doing a good job of looking after the openssh port.  And if
folks really need those additional features, then that is the place to
enhance the "standard" offering; which can be upgraded in a pretty
straightforward manner.

Thought-provoking use of inetd perhaps its time to revisit as (an
additional) DOS measure(?)

Regards, Dewayne.
PS My apologies for the repetition Slawa, I meant to reply all earlier.
I'm recently becoming familiar with the gmail interface.

On Thu, Nov 12, 2015 at 5:44 AM, Slawa Olhovchenkov  wrote:

> On Wed, Nov 11, 2015 at 07:18:31PM +0100, Dag-Erling Smørgrav wrote:
>
> > Slawa Olhovchenkov  writes:
> > > Can you explain what is problem?
> >
> > Radical suggestion: read the first email in the thread.
>
> I am read and don't understund (you talk about trouble of maintaining
> the HPN patches).
> I see patched version in ports. This version maintaining.
> What is problem? Differnt openssh? Quality of patches?
> Different branches?
> ports branch is worse (by some reaason) base branch?
>
> > > PS: As I today know, kerberos heimdal is practicaly dead as opensource
> > > project. Have FreeBSD planed switch to MIT Kerberos?  I am know about
> > > security/krb5.
> >
> > We switched from MIT to Heimdal at some point in the past for some
> > reason I don't remember.  MIT and Heimdal are *not* interchangeable at
>
> I think because MIT stop development in the past.
>
> > the source or binary level, so switching back is not trivial.
>
> I am know about this.
> ___
> freebsd-secur...@freebsd.org mailing list
> https://lists.freebsd.org/mailman/listinfo/freebsd-security
> To unsubscribe, send any mail to "freebsd-security-unsubscr...@freebsd.org
> "
>
___
freebsd-current@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-current
To unsubscribe, send any mail to "freebsd-current-unsubscr...@freebsd.org"

Re: OpenSSH HPN

[Julian Elischer]

On 11/12/15 5:32 AM, Bryan Drewery wrote:

On 11/10/2015 1:42 AM, Dag-Erling Smørgrav wrote:

  I would also like to remove the NONE cipher
patch, which is also available in the port (off by default, just like in
base).

Fun fact, it's been broken in the port for several months with no
complaints. It was just reported and fixed upstream in the last day and
I wrote in a similar fix in the port. That speaks a lot about its usage
in the port currently.


we use it all the time, we just don't update all that often.
___
freebsd-current@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-current
To unsubscribe, send any mail to "freebsd-current-unsubscr...@freebsd.org"

Re: OpenSSH HPN

[Slawa Olhovchenkov]

On Thu, Nov 12, 2015 at 12:15:35PM -0500, Allan Jude wrote:

> On 2015-11-11 19:06, Slawa Olhovchenkov wrote:
> > On Wed, Nov 11, 2015 at 01:32:27PM -0800, Bryan Drewery wrote:
> > 
> >> On 11/10/2015 1:42 AM, Dag-Erling Smørgrav wrote:
> >>>  I would also like to remove the NONE cipher
> >>> patch, which is also available in the port (off by default, just like in
> >>> base).
> >>
> >> Fun fact, it's been broken in the port for several months with no
> >> complaints. It was just reported and fixed upstream in the last day and
> >> I wrote in a similar fix in the port. That speaks a lot about its usage
> >> in the port currently.
> > 
> > I am try using NPH/NONE with base ssh and confused: don't see
> > performance rise, too complex to enable and too complex for use.
> > 
> > ___
> > freebsd-current@freebsd.org mailing list
> > https://lists.freebsd.org/mailman/listinfo/freebsd-current
> > To unsubscribe, send any mail to "freebsd-current-unsubscr...@freebsd.org"
> > 
> 
> I did a few quick (and dirty) benchmarks and it shows that the NONE
> cipher definitely makes a difference. Version of OpenSSL also seems to
> make a difference, as one might expect.
> 
> Note: openssh from ports seems to link against both base and ports
> libcrypto, I am still trying to make sure this isn't corrupting my
> benchmark results.
> 
> I am still debugging my dummynet setup to be able to prove that HPN
> makes a difference (but it does).
> 
> https://wiki.freebsd.org/SSHPerf

I see you test NONE only on OpenSSH_7.1p1/1.0.2d.
I am try OpenSSH_6.6.1p1./1.0.1p (both side)
I am got about 500Mbit/s.
For OpenSSH_6.6.1p1/NONE I am got abot same.

I am don't see this combination in you table (OpenSSH_6.6.1p1./1.0.1p ix0 
OpenSSH_6.6.1p1./1.0.1p)
___
freebsd-current@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-current
To unsubscribe, send any mail to "freebsd-current-unsubscr...@freebsd.org"

Re: OpenSSH HPN

[John-Mark Gurney]

Allan Jude wrote this message on Thu, Nov 12, 2015 at 12:15 -0500:
> On 2015-11-11 19:06, Slawa Olhovchenkov wrote:
> > On Wed, Nov 11, 2015 at 01:32:27PM -0800, Bryan Drewery wrote:
> > 
> >> On 11/10/2015 1:42 AM, Dag-Erling Smørgrav wrote:
> >>>  I would also like to remove the NONE cipher
> >>> patch, which is also available in the port (off by default, just like in
> >>> base).
> >>
> >> Fun fact, it's been broken in the port for several months with no
> >> complaints. It was just reported and fixed upstream in the last day and
> >> I wrote in a similar fix in the port. That speaks a lot about its usage
> >> in the port currently.
> > 
> > I am try using NPH/NONE with base ssh and confused: don't see
> > performance rise, too complex to enable and too complex for use.
> 
> I did a few quick (and dirty) benchmarks and it shows that the NONE
> cipher definitely makes a difference. Version of OpenSSL also seems to
> make a difference, as one might expect.
> 
> Note: openssh from ports seems to link against both base and ports
> libcrypto, I am still trying to make sure this isn't corrupting my
> benchmark results.

You don't need the aesni.ko module loaded for OpenSSL (which is how
OpenSSH uses most crypto algos) to use AES-NI..

Also, do you set any sysctl's to play w/ the buffer sizes or anything?

> I am still debugging my dummynet setup to be able to prove that HPN
> makes a difference (but it does).

Does my example on the page not work for you?

> https://wiki.freebsd.org/SSHPerf

-- 
  John-Mark Gurney  Voice: +1 415 225 5579

 "All that I will do, has been done, All that I have, has not."
___
freebsd-current@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-current
To unsubscribe, send any mail to "freebsd-current-unsubscr...@freebsd.org"

Re: OpenSSH HPN

[Slawa Olhovchenkov]

On Thu, Nov 12, 2015 at 12:51:30PM -0500, Allan Jude wrote:

> On 2015-11-12 12:44, Slawa Olhovchenkov wrote:
> > On Thu, Nov 12, 2015 at 12:15:35PM -0500, Allan Jude wrote:
> > 
> >> On 2015-11-11 19:06, Slawa Olhovchenkov wrote:
> >>> On Wed, Nov 11, 2015 at 01:32:27PM -0800, Bryan Drewery wrote:
> >>>
>  On 11/10/2015 1:42 AM, Dag-Erling Smørgrav wrote:
> >  I would also like to remove the NONE cipher
> > patch, which is also available in the port (off by default, just like in
> > base).
> 
>  Fun fact, it's been broken in the port for several months with no
>  complaints. It was just reported and fixed upstream in the last day and
>  I wrote in a similar fix in the port. That speaks a lot about its usage
>  in the port currently.
> >>>
> >>> I am try using NPH/NONE with base ssh and confused: don't see
> >>> performance rise, too complex to enable and too complex for use.
> >>>
> >>> ___
> >>> freebsd-current@freebsd.org mailing list
> >>> https://lists.freebsd.org/mailman/listinfo/freebsd-current
> >>> To unsubscribe, send any mail to "freebsd-current-unsubscr...@freebsd.org"
> >>>
> >>
> >> I did a few quick (and dirty) benchmarks and it shows that the NONE
> >> cipher definitely makes a difference. Version of OpenSSL also seems to
> >> make a difference, as one might expect.
> >>
> >> Note: openssh from ports seems to link against both base and ports
> >> libcrypto, I am still trying to make sure this isn't corrupting my
> >> benchmark results.
> >>
> >> I am still debugging my dummynet setup to be able to prove that HPN
> >> makes a difference (but it does).
> >>
> >> https://wiki.freebsd.org/SSHPerf
> > 
> > I see you test NONE only on OpenSSH_7.1p1/1.0.2d.
> > I am try OpenSSH_6.6.1p1./1.0.1p (both side)
> > I am got about 500Mbit/s.
> > For OpenSSH_6.6.1p1/NONE I am got abot same.
> > 
> > I am don't see this combination in you table (OpenSSH_6.6.1p1./1.0.1p ix0 
> > OpenSSH_6.6.1p1./1.0.1p)
> > 
> 
> If NONE is actually being used, big warnings will be printed to your screen:
> 
> WARNING: ENABLED NONE CIPHER
> WARNING: ENABLED NONE CIPHER
> 
> If you don't see this, NONE is not being used.

I am see this, of couse.
___
freebsd-current@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-current
To unsubscribe, send any mail to "freebsd-current-unsubscr...@freebsd.org"

Re: OpenSSH HPN

[Allan Jude]

On 2015-11-12 12:44, Slawa Olhovchenkov wrote:
> On Thu, Nov 12, 2015 at 12:15:35PM -0500, Allan Jude wrote:
> 
>> On 2015-11-11 19:06, Slawa Olhovchenkov wrote:
>>> On Wed, Nov 11, 2015 at 01:32:27PM -0800, Bryan Drewery wrote:
>>>
 On 11/10/2015 1:42 AM, Dag-Erling Smørgrav wrote:
>  I would also like to remove the NONE cipher
> patch, which is also available in the port (off by default, just like in
> base).

 Fun fact, it's been broken in the port for several months with no
 complaints. It was just reported and fixed upstream in the last day and
 I wrote in a similar fix in the port. That speaks a lot about its usage
 in the port currently.
>>>
>>> I am try using NPH/NONE with base ssh and confused: don't see
>>> performance rise, too complex to enable and too complex for use.
>>>
>>> ___
>>> freebsd-current@freebsd.org mailing list
>>> https://lists.freebsd.org/mailman/listinfo/freebsd-current
>>> To unsubscribe, send any mail to "freebsd-current-unsubscr...@freebsd.org"
>>>
>>
>> I did a few quick (and dirty) benchmarks and it shows that the NONE
>> cipher definitely makes a difference. Version of OpenSSL also seems to
>> make a difference, as one might expect.
>>
>> Note: openssh from ports seems to link against both base and ports
>> libcrypto, I am still trying to make sure this isn't corrupting my
>> benchmark results.
>>
>> I am still debugging my dummynet setup to be able to prove that HPN
>> makes a difference (but it does).
>>
>> https://wiki.freebsd.org/SSHPerf
> 
> I see you test NONE only on OpenSSH_7.1p1/1.0.2d.
> I am try OpenSSH_6.6.1p1./1.0.1p (both side)
> I am got about 500Mbit/s.
> For OpenSSH_6.6.1p1/NONE I am got abot same.
> 
> I am don't see this combination in you table (OpenSSH_6.6.1p1./1.0.1p ix0 
> OpenSSH_6.6.1p1./1.0.1p)
> 

If NONE is actually being used, big warnings will be printed to your screen:

WARNING: ENABLED NONE CIPHER
WARNING: ENABLED NONE CIPHER

If you don't see this, NONE is not being used.

-- 
Allan Jude



signature.asc
Description: OpenPGP digital signature

Re: OpenSSH HPN

[Allan Jude]

On 2015-11-11 19:06, Slawa Olhovchenkov wrote:
> On Wed, Nov 11, 2015 at 01:32:27PM -0800, Bryan Drewery wrote:
> 
>> On 11/10/2015 1:42 AM, Dag-Erling Smørgrav wrote:
>>>  I would also like to remove the NONE cipher
>>> patch, which is also available in the port (off by default, just like in
>>> base).
>>
>> Fun fact, it's been broken in the port for several months with no
>> complaints. It was just reported and fixed upstream in the last day and
>> I wrote in a similar fix in the port. That speaks a lot about its usage
>> in the port currently.
> 
> I am try using NPH/NONE with base ssh and confused: don't see
> performance rise, too complex to enable and too complex for use.
> 
> ___
> freebsd-current@freebsd.org mailing list
> https://lists.freebsd.org/mailman/listinfo/freebsd-current
> To unsubscribe, send any mail to "freebsd-current-unsubscr...@freebsd.org"
> 

I did a few quick (and dirty) benchmarks and it shows that the NONE
cipher definitely makes a difference. Version of OpenSSL also seems to
make a difference, as one might expect.

Note: openssh from ports seems to link against both base and ports
libcrypto, I am still trying to make sure this isn't corrupting my
benchmark results.

I am still debugging my dummynet setup to be able to prove that HPN
makes a difference (but it does).

https://wiki.freebsd.org/SSHPerf

-- 
Allan Jude



signature.asc
Description: OpenPGP digital signature

Re: OpenSSH HPN

[Dag-Erling Smørgrav]

Bryan Drewery  writes:
> Actually I am missing the client-side VersionAddendum support (ssh.c). I
> only have server-side (sshd.c).  This is just due to lack of motivation
> to import the changes.

Pretty sure I sent Damien the patch a few years ago...  There was also a
bug in the server-side code (IIRC, one place where it printed only the
hardcoded version instead of the variable string).  I'll try again.

DES
-- 
Dag-Erling Smørgrav - d...@des.no
___
freebsd-current@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-current
To unsubscribe, send any mail to "freebsd-current-unsubscr...@freebsd.org"

Re: OpenSSH HPN

[Ben Woods]

On Wednesday, 11 November 2015, John-Mark Gurney  wrote:

> Ben Woods wrote this message on Wed, Nov 11, 2015 at 15:40 +0800:
> > I have to agree that there are cases when the NONE cipher makes sense,
> and
> > it is up to the end user to make sure they know what they are doing.
> >
> > Personally I have used it at home to backup my old FreeBSD server (which
> > does not have AESNI) over a dedicated network connection to a backup
> server
> > using rsync/ssh. Since it was not possible for anyone else to be on that
> > local network, and the server was so old it didn't have AESNI and would
> > soon be retired, using the NONE cipher sped up the transfer
> significantly.
>
> If you have a trusted network, why not just use nc?
>

Honest answer: ignorance of how I can use netcat together with rsync.


-- 

--
From: Benjamin Woods
woods...@gmail.com
___
freebsd-current@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-current
To unsubscribe, send any mail to "freebsd-current-unsubscr...@freebsd.org"

Re: OpenSSH HPN

[Julian Elischer]

On 11/10/15 5:42 PM, Dag-Erling Smørgrav wrote:

Some of you may have noticed that OpenSSH in base is lagging far behind
the upstream code.

The main reason for this is the burden of maintaining the HPN patches.
They are extensive, very intrusive, and touch parts of the OpenSSH code
that change significantly in every release.  Since they are not
regularly updated, I have to choose between trying to resolve the
conflicts myself (hoping I don't break anything) or waiting for them to
catch up and then figuring out how to apply the new version.

Therefore, I would like to remove the HPN patches from base and refer
anyone who really needs them to the openssh-portable port, which has
them as a default option.  I would also like to remove the NONE cipher
patch, which is also available in the port (off by default, just like in
base).

DES
The inclusion of the HPN patches meant that we could drop a custom 
unsupported HPN enabled ssh from our build process.

It makes ssh actually usable.
Without it we need to keep integrating HPN ever time ssh is upgraded.

We were SO HAPPY when it came in by default.
___
freebsd-current@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-current
To unsubscribe, send any mail to "freebsd-current-unsubscr...@freebsd.org"

Re: OpenSSH HPN

[Julian Elischer]

On 11/10/15 7:16 PM, Dag-Erling Smørgrav wrote:

Bob Bishop  writes:

Is removing HPN going to impact the performance of tunnelled X
connexions?


yes if your rtt is greater than about 85 mSec
I don't know he details but I noticed a big difference.
I had thought X wouldn't show much difference but in fact it did.
At work we had to add HPN to get anything like acceptable performance
on various tunnels our appliance uses.

I don't think so.  It mostly affects the performance of long
unidirectional streams (file transfers) whereas the X protocol, as far
as I know, is a bidirectional exchange of relatively short messages.  It
may make a difference for applications that transfer large textures...
I don't really know enough about the X protocol to say for certain, but
I am typing this in Emacs over a non-HPN SSH connection, and I regularly
tunnel Firefox between the same two machines (RHEL 7 desktop at work and
FreeBSD 10 desktop at home).

DES


___
freebsd-current@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-current
To unsubscribe, send any mail to "freebsd-current-unsubscr...@freebsd.org"

Re: OpenSSH HPN

[Mark Martinec]

For a fast transfer of large files see sysutils/bbcp.

It uses ssh to establish authorized connection, then does
a transfer over multiple parallel TCP sessions by itself.

If data encryption is needed, combine it with security/hpenc

  Mark
___
freebsd-current@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-current
To unsubscribe, send any mail to "freebsd-current-unsubscr...@freebsd.org"

Re: OpenSSH HPN

[Bryan Drewery]

On 11/11/2015 10:13 AM, Slawa Olhovchenkov wrote:
> On Wed, Nov 11, 2015 at 05:51:25PM +0100, Dag-Erling Smørgrav wrote:
> 
>> Bryan Drewery  writes:
>>> Another thing that I did with the port was restore the tcpwrapper
>>> support that upstream removed. Again, if we decide it is not worth
>>> keeping in base I will remove it as default in the port.
>>
>> I want to keep tcpwrapper support - it is another reason why I still
>> haven't upgraded OpenSSH, but to the best of my knowledge, it is far
>> less intrusive than HPN.
> 
> Can you explain what is problem?
> I am see openssh in base and openssh in ports (more recent version)
> with same functionaly patches.
> You talk about trouble to upgrade. What is root?
> openssh in base have different vendor and/or license?
> Or something else?
> 
> PS: As I today know, kerberos heimdal is practicaly dead as opensource
> project. Have FreeBSD planed switch to MIT Kerberos?
> I am know about security/krb5.
> 

IMHO the problem comes down to time. Patching an upstream project
increases maintenance cost for upgrading it. Every patch adds up. When
you become busy and don't have time to pay attention to every little
change made in a release, hearing 'removed tcpwrappers support' or
'refactored the code  for libssh usage' makes it sound like 1 more
thing you must deal with to upgrade that code base and more effort to
validate that your patches are right. We obviously don't want to just
drop in the latest code and throw it out there as broken. SSH is quite
critical and we want to ensure our changes are still right, and that
doing something like adding tcpwrappers back in won't introduce some
security bug that upstream was coy about.

-- 
Regards,
Bryan Drewery



signature.asc
Description: OpenPGP digital signature

Re: OpenSSH HPN

[Bryan Drewery]

On 11/11/2015 1:04 AM, Dag-Erling Smørgrav wrote:
> Ben Woods  writes:
>> Personally I have used it at home to backup my old FreeBSD server
>> (which does not have AESNI) over a dedicated network connection to a
>> backup server using rsync/ssh. Since it was not possible for anyone
>> else to be on that local network, and the server was so old it didn't
>> have AESNI and would soon be retired, using the NONE cipher sped up
>> the transfer significantly.
> 
> In that scenario, you don't need ssh at all.  Just set up rsyncd on the
> backup server.
> 

Yes, it's more a matter of convenience with key management. I admit that
after some recent changes I've made I did resort to using the base SSH
and rsync:// to achieve my backups over VPN out of not wanting to
customize the the new system further with the port version or rebuilding
base.


-- 
Regards,
Bryan Drewery



signature.asc
Description: OpenPGP digital signature

Re: OpenSSH HPN

[Bryan Drewery]

On 11/10/2015 3:48 AM, Dag-Erling Smørgrav wrote:
> Willem Jan Withagen  writes:
>> "Dag-Erling Smørgrav"  writes:
>>> Willem Jan Withagen  writes:
 Are they still willing to accept changes to the old version that
 is currently in base?
>>> No, why would they do that?
>> Exactly my question  I guess I misinterpreted your suggestion on
>> upstreaming patches.
> 
> I didn't suggest submitting patches, I suggested submitting a feature
> request.  Damien is generally pretty open to suggestions.
> 

My own experience here has been positive, both with patches, feature
suggestion, and general discussion. The upstream is more open than
people may think.


-- 
Regards,
Bryan Drewery



signature.asc
Description: OpenPGP digital signature

Re: OpenSSH HPN

[Dag-Erling Smørgrav]

Daniel Kalchev  writes:
> I must have missed the explanation. But why having a NONE cypher
> compiled in, but disabled in the configuration is a bad idea?

It increases the cost of maintaining OpenSSH in base noticeably without
providing real value unless you are one of the few people who need HPN
and lack the CPU power to perform encryption at line speed.

DES
-- 
Dag-Erling Smørgrav - d...@des.no
___
freebsd-current@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-current
To unsubscribe, send any mail to "freebsd-current-unsubscr...@freebsd.org"

Re: OpenSSH HPN

[Dag-Erling Smørgrav]

Slawa Olhovchenkov  writes:
> Can you explain what is problem?

Radical suggestion: read the first email in the thread.

> PS: As I today know, kerberos heimdal is practicaly dead as opensource
> project. Have FreeBSD planed switch to MIT Kerberos?  I am know about
> security/krb5.

We switched from MIT to Heimdal at some point in the past for some
reason I don't remember.  MIT and Heimdal are *not* interchangeable at
the source or binary level, so switching back is not trivial.

DES
-- 
Dag-Erling Smørgrav - d...@des.no
___
freebsd-current@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-current
To unsubscribe, send any mail to "freebsd-current-unsubscr...@freebsd.org"

Re: OpenSSH HPN

[Bryan Drewery]

On 11/11/2015 1:23 AM, Dag-Erling Smørgrav wrote:
> Bryan Drewery  writes:
>> Actually I am missing the client-side VersionAddendum support (ssh.c). I
>> only have server-side (sshd.c).  This is just due to lack of motivation
>> to import the changes.
> 
> Pretty sure I sent Damien the patch a few years ago...  There was also a
> bug in the server-side code (IIRC, one place where it printed only the
> hardcoded version instead of the variable string).  I'll try again.
> 

By the way, I may have come off wrong. I'm willing to do the work to
update the base version and put it out for review if you would like.

Another thing that I did with the port was restore the tcpwrapper
support that upstream removed. Again, if we decide it is not worth
keeping in base I will remove it as default in the port.

I honestly don't have a strong opinion on keeping or removing HPN. It is
afterall available in the port and I intend to keep it as an option
there. The question is just what the default is.

I prefer to keep the port close to the base version by default options.
I never liked the idea of having 2 different things in the ecosystem
that behave differently, from OpenSSL to OpenSSH, etc.


-- 
Regards,
Bryan Drewery



signature.asc
Description: OpenPGP digital signature

Re: OpenSSH HPN

[Dag-Erling Smørgrav]

Bryan Drewery  writes:
> Another thing that I did with the port was restore the tcpwrapper
> support that upstream removed. Again, if we decide it is not worth
> keeping in base I will remove it as default in the port.

I want to keep tcpwrapper support - it is another reason why I still
haven't upgraded OpenSSH, but to the best of my knowledge, it is far
less intrusive than HPN.

DES
-- 
Dag-Erling Smørgrav - d...@des.no
___
freebsd-current@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-current
To unsubscribe, send any mail to "freebsd-current-unsubscr...@freebsd.org"

Re: OpenSSH HPN

[Slawa Olhovchenkov]

On Wed, Nov 11, 2015 at 05:51:25PM +0100, Dag-Erling Smørgrav wrote:

> Bryan Drewery  writes:
> > Another thing that I did with the port was restore the tcpwrapper
> > support that upstream removed. Again, if we decide it is not worth
> > keeping in base I will remove it as default in the port.
> 
> I want to keep tcpwrapper support - it is another reason why I still
> haven't upgraded OpenSSH, but to the best of my knowledge, it is far
> less intrusive than HPN.

Can you explain what is problem?
I am see openssh in base and openssh in ports (more recent version)
with same functionaly patches.
You talk about trouble to upgrade. What is root?
openssh in base have different vendor and/or license?
Or something else?

PS: As I today know, kerberos heimdal is practicaly dead as opensource
project. Have FreeBSD planed switch to MIT Kerberos?
I am know about security/krb5.
___
freebsd-current@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-current
To unsubscribe, send any mail to "freebsd-current-unsubscr...@freebsd.org"

Re: OpenSSH HPN

[Bryan Drewery]

On 11/11/2015 8:51 AM, Dag-Erling Smørgrav wrote:
> Bryan Drewery  writes:
>> Another thing that I did with the port was restore the tcpwrapper
>> support that upstream removed. Again, if we decide it is not worth
>> keeping in base I will remove it as default in the port.
> 
> I want to keep tcpwrapper support - it is another reason why I still
> haven't upgraded OpenSSH, but to the best of my knowledge, it is far
> less intrusive than HPN.
> 

Yes, it's very small.
/usr/ports/security/openssh-portable/files/extra-patch-tcpwrappers


-- 
Regards,
Bryan Drewery



signature.asc
Description: OpenPGP digital signature

Re: OpenSSH HPN

[Bryan Drewery]

On 11/11/2015 7:49 AM, Daniel Kalchev wrote:
> It is my understanding, that using the NONE cypher is not identical to using 
> “the old tools” (rsh/rlogin/rcp).
> 
> When ssh uses the NONE cypher, credentials and authorization are still 
> encrypted and verified. Only the actual data payload is not encrypted.
> 
> Perhaps similar level of security could be achieved by “the old tools” if 
> they were by default compiled with Kerberos. Although, this still requires 
> building additional infrastructure.
> 
> I must have missed the explanation. But why having a NONE cypher compiled in, 
> but disabled in the configuration is a bad idea?

My reasoning for wanting SSH/SCP with NONE is precisely because of the
ssh key support. It simplifies a lot to be able to use the same key over
a VPN and not over the VPN to connect to the same system.


-- 
Regards,
Bryan Drewery



signature.asc
Description: OpenPGP digital signature

Re: OpenSSH HPN

[Bjoern A. Zeeb]

> On 11 Nov 2015, at 16:53 , Bryan Drewery  wrote:
> 
> On 11/11/2015 8:51 AM, Dag-Erling Smørgrav wrote:
>> Bryan Drewery  writes:
>>> Another thing that I did with the port was restore the tcpwrapper
>>> support that upstream removed. Again, if we decide it is not worth
>>> keeping in base I will remove it as default in the port.
>> 
>> I want to keep tcpwrapper support - it is another reason why I still
>> haven't upgraded OpenSSH, but to the best of my knowledge, it is far
>> less intrusive than HPN.
>> 
> 
> Yes, it's very small.
> /usr/ports/security/openssh-portable/files/extra-patch-tcpwrappers

And thanks to both of you for keeping it.
It’s often the best you can get if you have machines which run w/o firewalls.

Just wanted to say “thanks”!

/bz
___
freebsd-current@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-current
To unsubscribe, send any mail to "freebsd-current-unsubscr...@freebsd.org"

Re: OpenSSH HPN

[Julian Elischer]

On 11/11/15 7:56 PM, Dag-Erling Smørgrav wrote:

Julian Elischer  writes:

The inclusion of the HPN patches meant that we could drop a custom
unsupported HPN enabled ssh from our build process.  It makes ssh
actually usable.

Define "usable".  Does it actually make a measurable difference with the
latest OpenSSH?  And if HPN is so important to you, is there a reason
why you can't use the port?

useable..  able to use more than 5% of the available bandwidth.

Our environment is not freeBSD exactly. many ports won't compile and 
we don't have ports in our setup (I didn't do it.. don't blame me)
But we do and can compile FreeBSD sourcers so ssh from src is an easy 
recompile or just a binary drop in.
We used to do it by hand from sources ftp'd from OpenBSD and compiled 
straight (no ports),
but since it came to have HPN all that went away because the in-tree 
one worked for us.

Now we'll have to resurrect all that framework and pain.

have you mentioned this plan to Brooks?  Didn't he add it?



DES


___
freebsd-current@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-current
To unsubscribe, send any mail to "freebsd-current-unsubscr...@freebsd.org"

Re: OpenSSH HPN

[Slawa Olhovchenkov]

On Tue, Nov 10, 2015 at 09:52:16AM -0800, John-Mark Gurney wrote:

> Dag-Erling Smrgrav wrote this message on Tue, Nov 10, 2015 at 10:42 +0100:
> > Therefore, I would like to remove the HPN patches from base and refer
> > anyone who really needs them to the openssh-portable port, which has
> > them as a default option.  I would also like to remove the NONE cipher
> > patch, which is also available in the port (off by default, just like in
> > base).
> 
> My vote is to remove the HPN patches.  First, the NONE cipher made more
> sense back when we didn't have AES-NI widely available, and you were
> seriously limited by it's performance.  Now we have both aes-gcm and
> chacha-poly which it's performance should be more than acceptable for
> today's uses (i.e. cipher performance is 2GB/sec+).
> 
> Second, I did some testing recently due to a thread on -net, and I
> found no significant (not run statistically though) difference in
> performance between in HEAD ssh and OpenSSH 7.1p1.  I started a wiki
> page to talk about this:
> https://wiki.freebsd.org/SSHPerf

Hmm, I see in this page max speed 20MB/sec. This is too small.
What is problem? With modern 40G NIC wanted speed about 20Gbit/s.
10Gbit/s at least.

___
freebsd-current@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-current
To unsubscribe, send any mail to "freebsd-current-unsubscr...@freebsd.org"

Re: OpenSSH HPN

[Slawa Olhovchenkov]

On Tue, Nov 10, 2015 at 11:59:30PM -0800, John-Mark Gurney wrote:

> Ben Woods wrote this message on Wed, Nov 11, 2015 at 15:40 +0800:
> > On Wednesday, 11 November 2015, Bryan Drewery  wrote:
> > 
> > > On 11/10/15 9:52 AM, John-Mark Gurney wrote:
> > > > My vote is to remove the HPN patches.  First, the NONE cipher made more
> > > > sense back when we didn't have AES-NI widely available, and you were
> > > > seriously limited by it's performance.  Now we have both aes-gcm and
> > > > chacha-poly which it's performance should be more than acceptable for
> > > > today's uses (i.e. cipher performance is 2GB/sec+).
> > >
> > > AES-NI doesn't help the absurdity of double-encrypting when using scp or
> > > rsync/ssh over an encrypted VPN, which is where NONE makes sense to use
> > > for me.
> > 
> > I have to agree that there are cases when the NONE cipher makes sense, and
> > it is up to the end user to make sure they know what they are doing.
> > 
> > Personally I have used it at home to backup my old FreeBSD server (which
> > does not have AESNI) over a dedicated network connection to a backup server
> > using rsync/ssh. Since it was not possible for anyone else to be on that
> > local network, and the server was so old it didn't have AESNI and would
> > soon be retired, using the NONE cipher sped up the transfer significantly.
> 
> If you have a trusted network, why not just use nc?

I think you kidding:

- scp need only one command on initiator side and
  no additional setup on target. simple, well know.
- nc need additional work on target, need synchronization for file
  names with target, also need ssh to target for start, etc... Too
  complex.

___
freebsd-current@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-current
To unsubscribe, send any mail to "freebsd-current-unsubscr...@freebsd.org"

Re: OpenSSH HPN

[Dag-Erling Smørgrav]

Julian Elischer  writes:
> Bob Bishop  writes:
> > Is removing HPN going to impact the performance of tunnelled X
> > connexions?
> yes if your rtt is greater than about 85 mSec

With an RTT of 85 ms, X is unusable with or without HPN.

DES
-- 
Dag-Erling Smørgrav - d...@des.no
___
freebsd-current@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-current
To unsubscribe, send any mail to "freebsd-current-unsubscr...@freebsd.org"

Re: OpenSSH HPN

[Dag-Erling Smørgrav]

Julian Elischer  writes:
> Now we'll have to resurrect all that framework and pain.

I guess pain is fine as long as it's not yours...

> have you mentioned this plan to Brooks?  Didn't he add it?

These are public lists, but by all means, mention it to him if he hasn't
noticed this thread.

DES
-- 
Dag-Erling Smørgrav - d...@des.no
___
freebsd-current@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-current
To unsubscribe, send any mail to "freebsd-current-unsubscr...@freebsd.org"

Re: OpenSSH HPN

[Daniel Kalchev]

It is my understanding, that using the NONE cypher is not identical to using 
“the old tools” (rsh/rlogin/rcp).

When ssh uses the NONE cypher, credentials and authorization are still 
encrypted and verified. Only the actual data payload is not encrypted.

Perhaps similar level of security could be achieved by “the old tools” if they 
were by default compiled with Kerberos. Although, this still requires building 
additional infrastructure.

I must have missed the explanation. But why having a NONE cypher compiled in, 
but disabled in the configuration is a bad idea?

Daniel


> On 11.11.2015 г., at 10:55, Jason Birch  wrote:
> 
> On Wed, Nov 11, 2015 at 6:59 PM, John-Mark Gurney  wrote:
>> If you have a trusted network, why not just use nc?
> 
> Perhaps more generally relevant is that ssh/scp are *waves hands* vaguely
> analogous to secure versions of rsh/rlogin/rcp. I'd think that most cases
> of "I wanted to send files and invoke some commands on a remote machine,
> and due to $CIRCUMSTANCE I don't need or desire encryption" are covered
> by the older, also standard tools. Additionally, rsync can use rsh as its
> transport, for users who desire more advanced behaviour. ssh just seems
> to have more support; Installation will ask you if you'd like to run sshd
> (not rshd), ssh is rather ubiquitous as a way of "doing a thing remotely"
> (even in Windows soon!), etc. This is a good default to have; the
> overhead of security is tiny in nearly all cases.
> 
> It would seem then that the extra complexity of maintenance development
> in supporting NONE in base doesn't really grant us any additional
> functionality in most cases. It's just more 'obvious'.
> ___
> freebsd-current@freebsd.org mailing list
> https://lists.freebsd.org/mailman/listinfo/freebsd-current
> To unsubscribe, send any mail to "freebsd-current-unsubscr...@freebsd.org"

___
freebsd-current@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-current
To unsubscribe, send any mail to "freebsd-current-unsubscr...@freebsd.org"

Re: OpenSSH HPN

[Jason Birch]

On Wed, Nov 11, 2015 at 6:59 PM, John-Mark Gurney  wrote:
> If you have a trusted network, why not just use nc?

Perhaps more generally relevant is that ssh/scp are *waves hands* vaguely
analogous to secure versions of rsh/rlogin/rcp. I'd think that most cases
of "I wanted to send files and invoke some commands on a remote machine,
and due to $CIRCUMSTANCE I don't need or desire encryption" are covered
by the older, also standard tools. Additionally, rsync can use rsh as its
transport, for users who desire more advanced behaviour. ssh just seems
to have more support; Installation will ask you if you'd like to run sshd
(not rshd), ssh is rather ubiquitous as a way of "doing a thing remotely"
(even in Windows soon!), etc. This is a good default to have; the
overhead of security is tiny in nearly all cases.

It would seem then that the extra complexity of maintenance development
in supporting NONE in base doesn't really grant us any additional
functionality in most cases. It's just more 'obvious'.
___
freebsd-current@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-current
To unsubscribe, send any mail to "freebsd-current-unsubscr...@freebsd.org"

Re: OpenSSH HPN

[Dag-Erling Smørgrav]

Ben Woods  writes:
> Personally I have used it at home to backup my old FreeBSD server
> (which does not have AESNI) over a dedicated network connection to a
> backup server using rsync/ssh. Since it was not possible for anyone
> else to be on that local network, and the server was so old it didn't
> have AESNI and would soon be retired, using the NONE cipher sped up
> the transfer significantly.

In that scenario, you don't need ssh at all.  Just set up rsyncd on the
backup server.

DES
-- 
Dag-Erling Smørgrav - d...@des.no
___
freebsd-current@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-current
To unsubscribe, send any mail to "freebsd-current-unsubscr...@freebsd.org"

Re: OpenSSH HPN

[Dag-Erling Smørgrav]

Julian Elischer  writes:
> The inclusion of the HPN patches meant that we could drop a custom
> unsupported HPN enabled ssh from our build process.  It makes ssh
> actually usable.

Define "usable".  Does it actually make a measurable difference with the
latest OpenSSH?  And if HPN is so important to you, is there a reason
why you can't use the port?

DES
-- 
Dag-Erling Smørgrav - d...@des.no
___
freebsd-current@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-current
To unsubscribe, send any mail to "freebsd-current-unsubscr...@freebsd.org"

Re: OpenSSH HPN

[Jan Bramkamp]

On 11/11/15 09:27, Ben Woods wrote:

On Wednesday, 11 November 2015, John-Mark Gurney  wrote:


Ben Woods wrote this message on Wed, Nov 11, 2015 at 15:40 +0800:

I have to agree that there are cases when the NONE cipher makes sense,

and

it is up to the end user to make sure they know what they are doing.

Personally I have used it at home to backup my old FreeBSD server (which
does not have AESNI) over a dedicated network connection to a backup

server

using rsync/ssh. Since it was not possible for anyone else to be on that
local network, and the server was so old it didn't have AESNI and would
soon be retired, using the NONE cipher sped up the transfer

significantly.

If you have a trusted network, why not just use nc?



Honest answer: ignorance of how I can use netcat together with rsync.


Sounds like you're looking for rsyncd instead of rsync over ssh (minus 
encryption).

___
freebsd-current@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-current
To unsubscribe, send any mail to "freebsd-current-unsubscr...@freebsd.org"

kereros telnet/rlogin/etc. (was Re: OpenSSH HPN)

[Benjamin Kaduk]

On Wed, 11 Nov 2015, Daniel Kalchev wrote:

>
> Perhaps similar level of security could be achieved by “the old tools”
> if they were by default compiled with Kerberos. Although, this still
> requires building additional infrastructure.

The kerberized versions of the old tools are basically unsupported
upstream at this point.  Telnet is actively insecure, being limited to
single-DES; rlogin may be somewhat better but it's still not looking very
good.  ssh is better because it speaks GSS-API instead of raw kerberos,
and can thus keeps up with newer crypto automatically.

When I was working at MIT, I considered making a final release of the
krb5-appl distribution, so as to include in the release announcement that
they were not going to be supported further, but could not even bring
myself to do that.  They are not in Debian anymore, and I expect them to
dwindle from other distributions, too.

Let the "old tools" grow old and retire.

-Ben
___
freebsd-current@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-current
To unsubscribe, send any mail to "freebsd-current-unsubscr...@freebsd.org"

Re: OpenSSH HPN

[Slawa Olhovchenkov]

On Wed, Nov 11, 2015 at 10:18:08AM -0800, Bryan Drewery wrote:

> On 11/11/2015 10:13 AM, Slawa Olhovchenkov wrote:
> > On Wed, Nov 11, 2015 at 05:51:25PM +0100, Dag-Erling Smørgrav wrote:
> > 
> >> Bryan Drewery  writes:
> >>> Another thing that I did with the port was restore the tcpwrapper
> >>> support that upstream removed. Again, if we decide it is not worth
> >>> keeping in base I will remove it as default in the port.
> >>
> >> I want to keep tcpwrapper support - it is another reason why I still
> >> haven't upgraded OpenSSH, but to the best of my knowledge, it is far
> >> less intrusive than HPN.
> > 
> > Can you explain what is problem?
> > I am see openssh in base and openssh in ports (more recent version)
> > with same functionaly patches.
> > You talk about trouble to upgrade. What is root?
> > openssh in base have different vendor and/or license?
> > Or something else?
> > 
> > PS: As I today know, kerberos heimdal is practicaly dead as opensource
> > project. Have FreeBSD planed switch to MIT Kerberos?
> > I am know about security/krb5.
> > 
> 
> IMHO the problem comes down to time. Patching an upstream project
> increases maintenance cost for upgrading it. Every patch adds up. When
> you become busy and don't have time to pay attention to every little
> change made in a release, hearing 'removed tcpwrappers support' or
> 'refactored the code  for libssh usage' makes it sound like 1 more
> thing you must deal with to upgrade that code base and more effort to
> validate that your patches are right. We obviously don't want to just
> drop in the latest code and throw it out there as broken. SSH is quite
> critical and we want to ensure our changes are still right, and that
> doing something like adding tcpwrappers back in won't introduce some
> security bug that upstream was coy about.

Some for as ports version?
Or ports version different?
Or port mantainer have more time (this is not to blame for DES)?
I am just don't know what is different between port ssh and base ssh.
We need ssh 6.x in base, not 7.x as in port (why?) and this is need
independed work on pathes?
I am missing somehow commonplace for others.

___
freebsd-current@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-current
To unsubscribe, send any mail to "freebsd-current-unsubscr...@freebsd.org"

Re: OpenSSH HPN

[Bryan Drewery]

On 11/11/2015 3:56 PM, Slawa Olhovchenkov wrote:
> On Wed, Nov 11, 2015 at 10:18:08AM -0800, Bryan Drewery wrote:
> 
>> On 11/11/2015 10:13 AM, Slawa Olhovchenkov wrote:
>>> On Wed, Nov 11, 2015 at 05:51:25PM +0100, Dag-Erling Smørgrav wrote:
>>>
 Bryan Drewery  writes:
> Another thing that I did with the port was restore the tcpwrapper
> support that upstream removed. Again, if we decide it is not worth
> keeping in base I will remove it as default in the port.

 I want to keep tcpwrapper support - it is another reason why I still
 haven't upgraded OpenSSH, but to the best of my knowledge, it is far
 less intrusive than HPN.
>>>
>>> Can you explain what is problem?
>>> I am see openssh in base and openssh in ports (more recent version)
>>> with same functionaly patches.
>>> You talk about trouble to upgrade. What is root?
>>> openssh in base have different vendor and/or license?
>>> Or something else?
>>>
>>> PS: As I today know, kerberos heimdal is practicaly dead as opensource
>>> project. Have FreeBSD planed switch to MIT Kerberos?
>>> I am know about security/krb5.
>>>
>>
>> IMHO the problem comes down to time. Patching an upstream project
>> increases maintenance cost for upgrading it. Every patch adds up. When
>> you become busy and don't have time to pay attention to every little
>> change made in a release, hearing 'removed tcpwrappers support' or
>> 'refactored the code  for libssh usage' makes it sound like 1 more
>> thing you must deal with to upgrade that code base and more effort to
>> validate that your patches are right. We obviously don't want to just
>> drop in the latest code and throw it out there as broken. SSH is quite
>> critical and we want to ensure our changes are still right, and that
>> doing something like adding tcpwrappers back in won't introduce some
>> security bug that upstream was coy about.
> 
> Some for as ports version?
> Or ports version different?
> Or port mantainer have more time (this is not to blame for DES)?
> I am just don't know what is different between port ssh and base ssh.
> We need ssh 6.x in base, not 7.x as in port (why?) and this is need
> independed work on pathes?
> I am missing somehow commonplace for others.
> 

I am the ports maintainer. That was my opinion on why OpenSSH falls
behind. There is no real difference between the base and port version
except that the port version has some more optional patches, and is
easier to push updates for through ports and packages, rather than an
Errata through freebsd-update or a full release to get to the latest
OpenSSH version.

There have been many times where the base version was more up-to-date
than the port as well due to the lack of a maintainer or the previously
mentioned patch blockers.

-- 
Regards,
Bryan Drewery



signature.asc
Description: OpenPGP digital signature

Re: OpenSSH HPN

[Slawa Olhovchenkov]

On Wed, Nov 11, 2015 at 03:58:35PM -0800, Bryan Drewery wrote:

> > Some for as ports version?
> > Or ports version different?
> > Or port mantainer have more time (this is not to blame for DES)?
> > I am just don't know what is different between port ssh and base ssh.
> > We need ssh 6.x in base, not 7.x as in port (why?) and this is need
> > independed work on pathes?
> > I am missing somehow commonplace for others.
> > 
> 
> I am the ports maintainer. That was my opinion on why OpenSSH falls
> behind. There is no real difference between the base and port version
> except that the port version has some more optional patches, and is
> easier to push updates for through ports and packages, rather than an
> Errata through freebsd-update or a full release to get to the latest
> OpenSSH version.

This impact only to deploy, not to patch, right?
Or bugs found around NPH/NONE patches?

> There have been many times where the base version was more up-to-date
> than the port as well due to the lack of a maintainer or the previously
> mentioned patch blockers.
___
freebsd-current@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-current
To unsubscribe, send any mail to "freebsd-current-unsubscr...@freebsd.org"

Re: OpenSSH HPN

[Slawa Olhovchenkov]

On Wed, Nov 11, 2015 at 01:32:27PM -0800, Bryan Drewery wrote:

> On 11/10/2015 1:42 AM, Dag-Erling Smørgrav wrote:
> >  I would also like to remove the NONE cipher
> > patch, which is also available in the port (off by default, just like in
> > base).
> 
> Fun fact, it's been broken in the port for several months with no
> complaints. It was just reported and fixed upstream in the last day and
> I wrote in a similar fix in the port. That speaks a lot about its usage
> in the port currently.

I am try using NPH/NONE with base ssh and confused: don't see
performance rise, too complex to enable and too complex for use.

___
freebsd-current@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-current
To unsubscribe, send any mail to "freebsd-current-unsubscr...@freebsd.org"

Re: OpenSSH HPN

[Bryan Drewery]

On 11/11/15 4:05 PM, Slawa Olhovchenkov wrote:
> On Wed, Nov 11, 2015 at 03:58:35PM -0800, Bryan Drewery wrote:
> 
>>> Some for as ports version?
>>> Or ports version different?
>>> Or port mantainer have more time (this is not to blame for DES)?
>>> I am just don't know what is different between port ssh and base ssh.
>>> We need ssh 6.x in base, not 7.x as in port (why?) and this is need
>>> independed work on pathes?
>>> I am missing somehow commonplace for others.
>>>
>>
>> I am the ports maintainer. That was my opinion on why OpenSSH falls
>> behind. There is no real difference between the base and port version
>> except that the port version has some more optional patches, and is
>> easier to push updates for through ports and packages, rather than an
>> Errata through freebsd-update or a full release to get to the latest
>> OpenSSH version.
> 
> This impact only to deploy, not to patch, right?

It's harder to maintain the port version due to how the patches are
applied and generated. That's only my problem though.

> Or bugs found around NPH/NONE patches?
> 
>> There have been many times where the base version was more up-to-date
>> than the port as well due to the lack of a maintainer or the previously
>> mentioned patch blockers.


-- 
Regards,
Bryan Drewery
___
freebsd-current@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-current
To unsubscribe, send any mail to "freebsd-current-unsubscr...@freebsd.org"

Re: OpenSSH HPN

[Roger Marquis]

On Wed, 11 Nov 2015, Dag-Erling Sm?rgrav wrote:

I want to keep tcpwrapper support - it is another reason why I still
haven't upgraded OpenSSH, but to the best of my knowledge, it is far
less intrusive than HPN.


There's also inetd's tcpwrapper support if you call sshd from inetd for
D/DOS protection.  Inetd and its rate-limiting flags are strongly
recommended for security-minded systems.

Starting sshd from rc.d should never have been made the default, IMO, as
keygen delays are rarely relevant and weren't even back in the days of
300MHz CPUs (18 years ago).  The only reason inetd is not more widely
used today is that many sysadmins aren't familiar with it.

Roger Marquis
___
freebsd-current@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-current
To unsubscribe, send any mail to "freebsd-current-unsubscr...@freebsd.org"

Re: OpenSSH HPN

[John-Mark Gurney]

Ben Woods wrote this message on Wed, Nov 11, 2015 at 16:27 +0800:
> On Wednesday, 11 November 2015, John-Mark Gurney  wrote:
> 
> > Ben Woods wrote this message on Wed, Nov 11, 2015 at 15:40 +0800:
> > > I have to agree that there are cases when the NONE cipher makes sense,
> > and
> > > it is up to the end user to make sure they know what they are doing.
> > >
> > > Personally I have used it at home to backup my old FreeBSD server (which
> > > does not have AESNI) over a dedicated network connection to a backup
> > server
> > > using rsync/ssh. Since it was not possible for anyone else to be on that
> > > local network, and the server was so old it didn't have AESNI and would
> > > soon be retired, using the NONE cipher sped up the transfer
> > significantly.
> >
> > If you have a trusted network, why not just use nc?
> 
> Honest answer: ignorance of how I can use netcat together with rsync.

A quick google of rsync nc, turned up method 2 & 4 from:
https://rsync.samba.org/firewall.html

-- 
  John-Mark Gurney  Voice: +1 415 225 5579

 "All that I will do, has been done, All that I have, has not."
___
freebsd-current@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-current
To unsubscribe, send any mail to "freebsd-current-unsubscr...@freebsd.org"

Re: OpenSSH HPN

[Slawa Olhovchenkov]

On Wed, Nov 11, 2015 at 07:18:31PM +0100, Dag-Erling Smørgrav wrote:

> Slawa Olhovchenkov  writes:
> > Can you explain what is problem?
> 
> Radical suggestion: read the first email in the thread.

I am read and don't understund (you talk about trouble of maintaining
the HPN patches).
I see patched version in ports. This version maintaining.
What is problem? Differnt openssh? Quality of patches?
Different branches?
ports branch is worse (by some reaason) base branch?

> > PS: As I today know, kerberos heimdal is practicaly dead as opensource
> > project. Have FreeBSD planed switch to MIT Kerberos?  I am know about
> > security/krb5.
> 
> We switched from MIT to Heimdal at some point in the past for some
> reason I don't remember.  MIT and Heimdal are *not* interchangeable at

I think because MIT stop development in the past.

> the source or binary level, so switching back is not trivial.

I am know about this.
___
freebsd-current@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-current
To unsubscribe, send any mail to "freebsd-current-unsubscr...@freebsd.org"

Re: OpenSSH HPN

[John-Mark Gurney]

Daniel Kalchev wrote this message on Wed, Nov 11, 2015 at 17:49 +0200:
> It is my understanding, that using the NONE cypher is not identical to using 
> ???the old tools??? (rsh/rlogin/rcp).
> 
> When ssh uses the NONE cypher, credentials and authorization are still 
> encrypted and verified. Only the actual data payload is not encrypted.

Except the point is that you ALREADY trust your network, so you don't
need to encrypt the credentials and authorizations, otherwise, why are
you running unencrypted payloads?

In fact, if you aren't running at least a MAC, or a final verify, and
you're transfering large amounts of data (multiple gigabytes), the data
can and will likely be corrupted...

See:
http://noahdavids.org/self_published/CRC_and_checksum.html

Having not used the NONE cipher, I don't know if the MAC is also
removed or not...  Either way, the MAC is still the long poll when
it comes to encryption w/ AES-NI...

-- 
  John-Mark Gurney  Voice: +1 415 225 5579

 "All that I will do, has been done, All that I have, has not."
___
freebsd-current@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-current
To unsubscribe, send any mail to "freebsd-current-unsubscr...@freebsd.org"

Re: OpenSSH HPN

[Brooks Davis]

On Tue, Nov 10, 2015 at 04:40:42PM -0800, Bryan Drewery wrote:
> On 11/10/15 1:42 AM, Dag-Erling Sm??rgrav wrote:
> > Some of you may have noticed that OpenSSH in base is lagging far behind
> > the upstream code.
> > 
> > The main reason for this is the burden of maintaining the HPN patches.
> > They are extensive, very intrusive, and touch parts of the OpenSSH code
> > that change significantly in every release.  Since they are not
> > regularly updated, I have to choose between trying to resolve the
> > conflicts myself (hoping I don't break anything) or waiting for them to
> > catch up and then figuring out how to apply the new version.
> > 
> > Therefore, I would like to remove the HPN patches from base and refer
> > anyone who really needs them to the openssh-portable port, which has
> > them as a default option.  I would also like to remove the NONE cipher
> > patch, which is also available in the port (off by default, just like in
> > base).
> 
> I had this same problem as well, but have since reworked the HPN patch
> for ports to be more easily maintained.  I've considered offering or
> just updating the base SSH, but have not since we have random changes in
> the HPN functionality in base that would be lost.  We for some reason
> decided we were going to maintain our own version and not even upstream
> the changes to the HPN authors which has contributed to this situation.

We had ever intention of upstreaming our cleaned up HPN patches and some
interest from OpenSSH devs to take the window scaling portion of the
patch upstream, but other things intruded and we never found time to 
complete that work.  I think both the window scaling and NONE cipher
changes are useful, but do not have time to do anything with them.  I'm 
fine with them being removed from base and replaced or just dropped if
they are in the way of progress.

-- Brooks


signature.asc
Description: PGP signature

Re: OpenSSH HPN

[Bryan Drewery]

On 11/10/2015 1:42 AM, Dag-Erling Smørgrav wrote:
>  I would also like to remove the NONE cipher
> patch, which is also available in the port (off by default, just like in
> base).

Fun fact, it's been broken in the port for several months with no
complaints. It was just reported and fixed upstream in the last day and
I wrote in a similar fix in the port. That speaks a lot about its usage
in the port currently.

-- 
Regards,
Bryan Drewery



signature.asc
Description: OpenPGP digital signature

Re: OpenSSH HPN

[John-Mark Gurney]

Ben Woods wrote this message on Wed, Nov 11, 2015 at 15:40 +0800:
> On Wednesday, 11 November 2015, Bryan Drewery  wrote:
> 
> > On 11/10/15 9:52 AM, John-Mark Gurney wrote:
> > > My vote is to remove the HPN patches.  First, the NONE cipher made more
> > > sense back when we didn't have AES-NI widely available, and you were
> > > seriously limited by it's performance.  Now we have both aes-gcm and
> > > chacha-poly which it's performance should be more than acceptable for
> > > today's uses (i.e. cipher performance is 2GB/sec+).
> >
> > AES-NI doesn't help the absurdity of double-encrypting when using scp or
> > rsync/ssh over an encrypted VPN, which is where NONE makes sense to use
> > for me.
> 
> I have to agree that there are cases when the NONE cipher makes sense, and
> it is up to the end user to make sure they know what they are doing.
> 
> Personally I have used it at home to backup my old FreeBSD server (which
> does not have AESNI) over a dedicated network connection to a backup server
> using rsync/ssh. Since it was not possible for anyone else to be on that
> local network, and the server was so old it didn't have AESNI and would
> soon be retired, using the NONE cipher sped up the transfer significantly.

If you have a trusted network, why not just use nc?

-- 
  John-Mark Gurney  Voice: +1 415 225 5579

 "All that I will do, has been done, All that I have, has not."
___
freebsd-current@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-current
To unsubscribe, send any mail to "freebsd-current-unsubscr...@freebsd.org"

Re: OpenSSH HPN

[Mark Felder]

On Tue, Nov 10, 2015, at 05:25, Willem Jan Withagen wrote:
> On 10-11-2015 12:11, Dag-Erling Smørgrav wrote:
> > Willem Jan Withagen  writes:
> >> Digging in my logfiles  , and its things like:
> >>   sshd[84942]: Disconnecting: Too many authentication failures [preauth]
> >>
> >> So errors/warnings without IP-nr.
> >>
> >> And I think I fixed it on one server to also write:
> >> error: maximum authentication attempts exceeded for root from
> >> 173.254.203.88 port 1042 ssh2 [preauth]
> >
> > fail2ban should catch both of these since sshd will print a message for
> > each failed authentication attempt before it prints a message about
> > reaching the limit.
> 
> It's already too long to remember the full facts, but when I was looking 
> at the parser in sshguard, I think I noticed that certain accesses 
> weren't logged and added some more logging rules to catch those.
> 
> What I still have lingering is this snippet:
> Index: crypto/openssh/packet.c
> ===
> --- crypto/openssh/packet.c (revision 289060)
> +++ crypto/openssh/packet.c (working copy)
> @@ -1128,8 +1128,10 @@
>  logit("Connection closed by %.200s", 
> get_remote_ipaddr());
>  cleanup_exit(255);
>  }
> -   if (len < 0)
> +   if (len < 0) {
> +   logit("Read from socket failed: %.200s", 
> get_remote_ipaddr());
>  fatal("Read from socket failed: %.100s", 
> strerror(errno));
> +   }
>  /* Append it to the buffer. */
>  packet_process_incoming(buf, len);
>  }
> 
> But like I said: The code I found at openssh was so totally different 
> that I did not continued this track, but chose to start running openssh 
> from ports. Which does not generate warnings I have questions about the 
> originating ip-nr.
> 
> >> Are they still willing to accept changes to the old version that is
> >> currently in base?
> >
> > No, why would they do that?
> 
> Exactly my question
> I guess I misinterpreted your suggestion on upstreaming patches.
> 
> --WjW
> 

I honestly think everyone would be better served by porting blacklistd
from NetBSD than trying to increase verbosity for log files.


-- 
  Mark Felder
  ports-secteam member
  f...@freebsd.org
___
freebsd-current@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-current
To unsubscribe, send any mail to "freebsd-current-unsubscr...@freebsd.org"

Re: OpenSSH HPN

[Allan Jude]

On 2015-11-10 11:02, Mark Felder wrote:
> 
> 
> On Tue, Nov 10, 2015, at 05:25, Willem Jan Withagen wrote:
>> On 10-11-2015 12:11, Dag-Erling Smørgrav wrote:
>>> Willem Jan Withagen  writes:
 Digging in my logfiles  , and its things like:
   sshd[84942]: Disconnecting: Too many authentication failures [preauth]

 So errors/warnings without IP-nr.

 And I think I fixed it on one server to also write:
 error: maximum authentication attempts exceeded for root from
 173.254.203.88 port 1042 ssh2 [preauth]
>>>
>>> fail2ban should catch both of these since sshd will print a message for
>>> each failed authentication attempt before it prints a message about
>>> reaching the limit.
>>
>> It's already too long to remember the full facts, but when I was looking 
>> at the parser in sshguard, I think I noticed that certain accesses 
>> weren't logged and added some more logging rules to catch those.
>>
>> What I still have lingering is this snippet:
>> Index: crypto/openssh/packet.c
>> ===
>> --- crypto/openssh/packet.c (revision 289060)
>> +++ crypto/openssh/packet.c (working copy)
>> @@ -1128,8 +1128,10 @@
>>  logit("Connection closed by %.200s", 
>> get_remote_ipaddr());
>>  cleanup_exit(255);
>>  }
>> -   if (len < 0)
>> +   if (len < 0) {
>> +   logit("Read from socket failed: %.200s", 
>> get_remote_ipaddr());
>>  fatal("Read from socket failed: %.100s", 
>> strerror(errno));
>> +   }
>>  /* Append it to the buffer. */
>>  packet_process_incoming(buf, len);
>>  }
>>
>> But like I said: The code I found at openssh was so totally different 
>> that I did not continued this track, but chose to start running openssh 
>> from ports. Which does not generate warnings I have questions about the 
>> originating ip-nr.
>>
 Are they still willing to accept changes to the old version that is
 currently in base?
>>>
>>> No, why would they do that?
>>
>> Exactly my question
>> I guess I misinterpreted your suggestion on upstreaming patches.
>>
>> --WjW
>>
> 
> I honestly think everyone would be better served by porting blacklistd
> from NetBSD than trying to increase verbosity for log files.
> 
> 

I have been using HPN + NONE for a few years and find them quite useful,
but it is easier to install openssh-portable and run that than to
recompile the base system to enable the NONE cipher, so I have no
objection to removing the patches from base.

The useful logging feature that comes with the newer version of openssh,
is logging which SSH key the user authenticated with.

-- 
Allan Jude



signature.asc
Description: OpenPGP digital signature

Re: OpenSSH HPN

[John-Mark Gurney]

Dag-Erling Smrgrav wrote this message on Tue, Nov 10, 2015 at 10:42 +0100:
> Therefore, I would like to remove the HPN patches from base and refer
> anyone who really needs them to the openssh-portable port, which has
> them as a default option.  I would also like to remove the NONE cipher
> patch, which is also available in the port (off by default, just like in
> base).

My vote is to remove the HPN patches.  First, the NONE cipher made more
sense back when we didn't have AES-NI widely available, and you were
seriously limited by it's performance.  Now we have both aes-gcm and
chacha-poly which it's performance should be more than acceptable for
today's uses (i.e. cipher performance is 2GB/sec+).

Second, I did some testing recently due to a thread on -net, and I
found no significant (not run statistically though) difference in
performance between in HEAD ssh and OpenSSH 7.1p1.  I started a wiki
page to talk about this:
https://wiki.freebsd.org/SSHPerf

Feel free to add to the page any more info.

There are other apparent issues w/ ssh that keeps it's performance low
on high latency links, but I haven't spend the time to figure out what
they are, but in my testing HPN did not increase performance to make
use of the fat but high latency link.

So, if it's not increasing performance and making us fall behind, why
bother with the trouble of keeping the patch?

If someone is willing to spend the time doing benchmarks, and prove
that the HPN patches do make a difference, I'm willing to work with
them to figure out why my tests didn't work and change my vote.  I
also believe that the defaults should be enough, if you have to tune
or enable features, then you can install from ports or compile yourself.

-- 
  John-Mark Gurney  Voice: +1 415 225 5579

 "All that I will do, has been done, All that I have, has not."
___
freebsd-current@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-current
To unsubscribe, send any mail to "freebsd-current-unsubscr...@freebsd.org"

Re: OpenSSH HPN

[Michael Sinatra]

On 11/10/15 1:42 AM, Dag-Erling Smørgrav wrote:

Some of you may have noticed that OpenSSH in base is lagging far behind
the upstream code.

The main reason for this is the burden of maintaining the HPN patches.
They are extensive, very intrusive, and touch parts of the OpenSSH code
that change significantly in every release.  Since they are not
regularly updated, I have to choose between trying to resolve the
conflicts myself (hoping I don't break anything) or waiting for them to
catch up and then figuring out how to apply the new version.

Therefore, I would like to remove the HPN patches from base and refer
anyone who really needs them to the openssh-portable port, which has
them as a default option.  I would also like to remove the NONE cipher
patch, which is also available in the port (off by default, just like in
base).


My current employer is a big proponent of HPN (see 
http://fasterdata.es.net/data-transfer-tools/scp-and-sftp/).  However, I 
agree that the difficulty of patching to the changing upstream is 
significant.  Frankly, I am quite impressed that you have been able to 
keep up with it for this long.


I would be more than happy if the HPN patches continued to be in the 
port version and base were able to keep up with the upstream by removing 
the HPN dependency.  There will be some places where we will notice the 
difference in performance; in those cases we will install the 
HPN-patched port.


michael


___
freebsd-current@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-current
To unsubscribe, send any mail to "freebsd-current-unsubscr...@freebsd.org"

Re: OpenSSH HPN

[Miroslav Lachman]

Mark Felder wrote on 11/10/2015 17:02:

[...]


But like I said: The code I found at openssh was so totally different
that I did not continued this track, but chose to start running openssh
from ports. Which does not generate warnings I have questions about the
originating ip-nr.


Are they still willing to accept changes to the old version that is
currently in base?


No, why would they do that?


Exactly my question
I guess I misinterpreted your suggestion on upstreaming patches.

--WjW



I honestly think everyone would be better served by porting blacklistd
from NetBSD than trying to increase verbosity for log files.


I didn't know blacklistd. It seems very interesting. It would be nice if 
somebody will port it to FreeBSD.


Miroslav Lachman

___
freebsd-current@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-current
To unsubscribe, send any mail to "freebsd-current-unsubscr...@freebsd.org"

OpenSSH HPN

[Dag-Erling Smørgrav]

Some of you may have noticed that OpenSSH in base is lagging far behind
the upstream code.

The main reason for this is the burden of maintaining the HPN patches.
They are extensive, very intrusive, and touch parts of the OpenSSH code
that change significantly in every release.  Since they are not
regularly updated, I have to choose between trying to resolve the
conflicts myself (hoping I don't break anything) or waiting for them to
catch up and then figuring out how to apply the new version.

Therefore, I would like to remove the HPN patches from base and refer
anyone who really needs them to the openssh-portable port, which has
them as a default option.  I would also like to remove the NONE cipher
patch, which is also available in the port (off by default, just like in
base).

DES
-- 
Dag-Erling Smørgrav - d...@des.no
___
freebsd-current@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-current
To unsubscribe, send any mail to "freebsd-current-unsubscr...@freebsd.org"

Re: OpenSSH HPN

[Kubilay Kocak]

On 10/11/2015 8:42 PM, Dag-Erling Smørgrav wrote:
> Some of you may have noticed that OpenSSH in base is lagging far behind
> the upstream code.
> 
> The main reason for this is the burden of maintaining the HPN patches.
> They are extensive, very intrusive, and touch parts of the OpenSSH code
> that change significantly in every release.  Since they are not
> regularly updated, I have to choose between trying to resolve the
> conflicts myself (hoping I don't break anything) or waiting for them to
> catch up and then figuring out how to apply the new version.
> 
> Therefore, I would like to remove the HPN patches from base and refer
> anyone who really needs them to the openssh-portable port, which has
> them as a default option.  I would also like to remove the NONE cipher
> patch, which is also available in the port (off by default, just like in
> base).
> 
> DES
> 

I for one, support our new consistent-with-upstream,
improved-productivity and lower-risk-for-regressions-in-base overlords.

./koobs
___
freebsd-current@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-current
To unsubscribe, send any mail to "freebsd-current-unsubscr...@freebsd.org"

Re: OpenSSH HPN

[Willem Jan Withagen]

On 10-11-2015 10:42, Dag-Erling Smørgrav wrote:

Some of you may have noticed that OpenSSH in base is lagging far behind
the upstream code.

The main reason for this is the burden of maintaining the HPN patches.
They are extensive, very intrusive, and touch parts of the OpenSSH code
that change significantly in every release.  Since they are not
regularly updated, I have to choose between trying to resolve the
conflicts myself (hoping I don't break anything) or waiting for them to
catch up and then figuring out how to apply the new version.

Therefore, I would like to remove the HPN patches from base and refer
anyone who really needs them to the openssh-portable port, which has
them as a default option.  I would also like to remove the NONE cipher
patch, which is also available in the port (off by default, just like in
base).


Hi Des,

I know I've installed the ports once to see if, and how I would be able 
to add more IP-address infor to some of the warnings and errors. And 
then to get thos errors recognised by tools like sshguard and fail2ban.


Only to find out that the code in that area in ports is completely 
different from what is in base. And submitting "patches" for that, even 
upstream, would be faily useless. So I understand the trouble you might 
have in getting other stuff in as well


Getting the base version more inline with ports would be a real good thing.

I guess you need to manage the fallout that there is going to be from 
those that expect HPN to be in base, and now suffer preformance issues.


--WjW


___
freebsd-current@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-current
To unsubscribe, send any mail to "freebsd-current-unsubscr...@freebsd.org"

Re: OpenSSH HPN

[Slawa Olhovchenkov]

On Tue, Nov 10, 2015 at 10:42:49AM +0100, Dag-Erling Smørgrav wrote:

> Some of you may have noticed that OpenSSH in base is lagging far behind
> the upstream code.
> 
> The main reason for this is the burden of maintaining the HPN patches.
> They are extensive, very intrusive, and touch parts of the OpenSSH code
> that change significantly in every release.  Since they are not
> regularly updated, I have to choose between trying to resolve the
> conflicts myself (hoping I don't break anything) or waiting for them to
> catch up and then figuring out how to apply the new version.
> 
> Therefore, I would like to remove the HPN patches from base and refer
> anyone who really needs them to the openssh-portable port, which has
> them as a default option.  I would also like to remove the NONE cipher
> patch, which is also available in the port (off by default, just like in
> base).

I am plan to use NONE and HPN for bulk transfer, but don't see
performance improvement, in both cases I see only 500Mbit/s.
___
freebsd-current@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-current
To unsubscribe, send any mail to "freebsd-current-unsubscr...@freebsd.org"

Re: OpenSSH HPN

[Bryan Drewery]

On 11/10/15 9:52 AM, John-Mark Gurney wrote:
> My vote is to remove the HPN patches.  First, the NONE cipher made more
> sense back when we didn't have AES-NI widely available, and you were
> seriously limited by it's performance.  Now we have both aes-gcm and
> chacha-poly which it's performance should be more than acceptable for
> today's uses (i.e. cipher performance is 2GB/sec+).

AES-NI doesn't help the absurdity of double-encrypting when using scp or
rsync/ssh over an encrypted VPN, which is where NONE makes sense to use
for me.

-- 
Regards,
Bryan Drewery
___
freebsd-current@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-current
To unsubscribe, send any mail to "freebsd-current-unsubscr...@freebsd.org"

Re: OpenSSH HPN

[Bryan Drewery]

On 11/10/15 3:07 AM, Willem Jan Withagen wrote:
> Which when I found out that upstreaming patches from base will be hard,
> because the whole logging in the ports version is totally different.

No it's not. The HPN patch in the ports version had *extra logging* for
a while but that is not the case now. There is nothing different
compared to upstream OpenSSH now for logging.

-- 
Regards,
Bryan Drewery
___
freebsd-current@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-current
To unsubscribe, send any mail to "freebsd-current-unsubscr...@freebsd.org"

Re: OpenSSH HPN

[Bryan Drewery]

On 11/10/15 4:40 PM, Bryan Drewery wrote:
> Anyway, reverting the base SSH to stock, and then importing all patches
> from the ports default version should result in the same base patches
> applied and a working HPN.

Actually I am missing the client-side VersionAddendum support (ssh.c). I
only have server-side (sshd.c).  This is just due to lack of motivation
to import the changes.

-- 
Regards,
Bryan Drewery
___
freebsd-current@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-current
To unsubscribe, send any mail to "freebsd-current-unsubscr...@freebsd.org"

Re: OpenSSH HPN

[Bryan Drewery]

On 11/10/15 1:42 AM, Dag-Erling Smørgrav wrote:
> Some of you may have noticed that OpenSSH in base is lagging far behind
> the upstream code.
> 
> The main reason for this is the burden of maintaining the HPN patches.
> They are extensive, very intrusive, and touch parts of the OpenSSH code
> that change significantly in every release.  Since they are not
> regularly updated, I have to choose between trying to resolve the
> conflicts myself (hoping I don't break anything) or waiting for them to
> catch up and then figuring out how to apply the new version.
> 
> Therefore, I would like to remove the HPN patches from base and refer
> anyone who really needs them to the openssh-portable port, which has
> them as a default option.  I would also like to remove the NONE cipher
> patch, which is also available in the port (off by default, just like in
> base).
> 
> DES
> 

I had this same problem as well, but have since reworked the HPN patch
for ports to be more easily maintained.  I've considered offering or
just updating the base SSH, but have not since we have random changes in
the HPN functionality in base that would be lost.  We for some reason
decided we were going to maintain our own version and not even upstream
the changes to the HPN authors which has contributed to this situation.

Anyway, reverting the base SSH to stock, and then importing all patches
from the ports default version should result in the same base patches
applied and a working HPN.  I've kept the port version up-to-date with
all base changes applied as well (short of HPN customizations we made
that are not worth keeping)  A lot of people pressured me to remove HPN
as default from the port (during times that I was too busy to rework the
patch for the latest OpenSSH) but I persisted in keeping it due to it
being enabled in base.  If we really remove it from base I may disable
it in the port as well as a default.

I personally find the feature worth keeping.  Seeing recent benchmarks
would be a good idea, but the overall patch is quite simple and
non-complex.  It's now split up with defines for each feature so they
can be disabled at compile time.  See
/usr/ports/security/openssh-portable/files/extra-patch-hpn.  There is
HPN_ENABLED and NONE_CIPHER_ENABLED.  It's really quite a simple and
small patch after removing all of the bogus changes (which I did
upstream, and did apply to the base HPN as well) and the logging changes
(which were far too intrusive to maintain).

-- 
Regards,
Bryan Drewery
___
freebsd-current@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-current
To unsubscribe, send any mail to "freebsd-current-unsubscr...@freebsd.org"

Re: OpenSSH HPN

[John-Mark Gurney]

Bryan Drewery wrote this message on Tue, Nov 10, 2015 at 16:32 -0800:
> On 11/10/15 9:52 AM, John-Mark Gurney wrote:
> > My vote is to remove the HPN patches.  First, the NONE cipher made more
> > sense back when we didn't have AES-NI widely available, and you were
> > seriously limited by it's performance.  Now we have both aes-gcm and
> > chacha-poly which it's performance should be more than acceptable for
> > today's uses (i.e. cipher performance is 2GB/sec+).
> 
> AES-NI doesn't help the absurdity of double-encrypting when using scp or
> rsync/ssh over an encrypted VPN, which is where NONE makes sense to use
> for me.

Different layers of protection...

Do you disable all encryption when you're transiting trusted networks
like your VPN?  If you don't, why is that ssh session so special?

-- 
  John-Mark Gurney  Voice: +1 415 225 5579

 "All that I will do, has been done, All that I have, has not."
___
freebsd-current@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-current
To unsubscribe, send any mail to "freebsd-current-unsubscr...@freebsd.org"

Re: OpenSSH HPN

[Dag-Erling Smørgrav]

Willem Jan Withagen  writes:
> I know I've installed the ports once to see if, and how I would be
> able to add more IP-address infor to some of the warnings and
> errors. And then to get thos errors recognised by tools like sshguard
> and fail2ban.

Do you mean logging IP addresses instead of hostnames?  Just turn off
UseDNS.  It is off by default since 6.8.

If you mean adding IP addresses or hostnames to messages that don't
already have them, try suggesting it on the openssh-portable mailing
list (openssh-unix-...@mindrot.org).

DES
-- 
Dag-Erling Smørgrav - d...@des.no
___
freebsd-current@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-current
To unsubscribe, send any mail to "freebsd-current-unsubscr...@freebsd.org"

Re: OpenSSH HPN

[Dag-Erling Smørgrav]

Willem Jan Withagen  writes:
> Digging in my logfiles  , and its things like:
>  sshd[84942]: Disconnecting: Too many authentication failures [preauth]
>
> So errors/warnings without IP-nr.
>
> And I think I fixed it on one server to also write:
> error: maximum authentication attempts exceeded for root from
> 173.254.203.88 port 1042 ssh2 [preauth]

fail2ban should catch both of these since sshd will print a message for
each failed authentication attempt before it prints a message about
reaching the limit.

> Are they still willing to accept changes to the old version that is
> currently in base?

No, why would they do that?

DES
-- 
Dag-Erling Smørgrav - d...@des.no
___
freebsd-current@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-current
To unsubscribe, send any mail to "freebsd-current-unsubscr...@freebsd.org"

Re: OpenSSH HPN

[Willem Jan Withagen]

On 10-11-2015 12:11, Dag-Erling Smørgrav wrote:

Willem Jan Withagen  writes:

Digging in my logfiles  , and its things like:
  sshd[84942]: Disconnecting: Too many authentication failures [preauth]

So errors/warnings without IP-nr.

And I think I fixed it on one server to also write:
error: maximum authentication attempts exceeded for root from
173.254.203.88 port 1042 ssh2 [preauth]


fail2ban should catch both of these since sshd will print a message for
each failed authentication attempt before it prints a message about
reaching the limit.


It's already too long to remember the full facts, but when I was looking 
at the parser in sshguard, I think I noticed that certain accesses 
weren't logged and added some more logging rules to catch those.


What I still have lingering is this snippet:
Index: crypto/openssh/packet.c
===
--- crypto/openssh/packet.c (revision 289060)
+++ crypto/openssh/packet.c (working copy)
@@ -1128,8 +1128,10 @@
logit("Connection closed by %.200s", 
get_remote_ipaddr());

cleanup_exit(255);
}
-   if (len < 0)
+   if (len < 0) {
+   logit("Read from socket failed: %.200s", 
get_remote_ipaddr());
fatal("Read from socket failed: %.100s", 
strerror(errno));

+   }
/* Append it to the buffer. */
packet_process_incoming(buf, len);
}

But like I said: The code I found at openssh was so totally different 
that I did not continued this track, but chose to start running openssh 
from ports. Which does not generate warnings I have questions about the 
originating ip-nr.



Are they still willing to accept changes to the old version that is
currently in base?


No, why would they do that?


Exactly my question
I guess I misinterpreted your suggestion on upstreaming patches.

--WjW


___
freebsd-current@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-current
To unsubscribe, send any mail to "freebsd-current-unsubscr...@freebsd.org"

Re: OpenSSH HPN

[Dag-Erling Smørgrav]

Willem Jan Withagen  writes:
> "Dag-Erling Smørgrav"  writes:
> > Willem Jan Withagen  writes:
> > > Are they still willing to accept changes to the old version that
> > > is currently in base?
> > No, why would they do that?
> Exactly my question  I guess I misinterpreted your suggestion on
> upstreaming patches.

I didn't suggest submitting patches, I suggested submitting a feature
request.  Damien is generally pretty open to suggestions.

DES
-- 
Dag-Erling Smørgrav - d...@des.no
___
freebsd-current@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-current
To unsubscribe, send any mail to "freebsd-current-unsubscr...@freebsd.org"

Re: OpenSSH HPN

[Bob Bishop]

Hi,

> On 10 Nov 2015, at 09:42, Dag-Erling Smørgrav  wrote:
> 
> […]
> 
> Therefore, I would like to remove the HPN patches from base and refer
> anyone who really needs them to the openssh-portable port, which has
> them as a default option.  I would also like to remove the NONE cipher
> patch, which is also available in the port (off by default, just like in
> base).

Can’t argue with that. Is removing HPN going to impact the performance of 
tunnelled X connexions?


> DES
> -- 
> Dag-Erling Smørgrav - d...@des.no
> ___
> freebsd-current@freebsd.org mailing list
> https://lists.freebsd.org/mailman/listinfo/freebsd-current
> To unsubscribe, send any mail to "freebsd-current-unsubscr...@freebsd.org"

--
Bob Bishop
r...@gid.co.uk




___
freebsd-current@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-current
To unsubscribe, send any mail to "freebsd-current-unsubscr...@freebsd.org"

Re: OpenSSH HPN

[Willem Jan Withagen]

On 10-11-2015 11:55, Dag-Erling Smørgrav wrote:
> Willem Jan Withagen  writes:
>> I know I've installed the ports once to see if, and how I would be
>> able to add more IP-address infor to some of the warnings and
>> errors. And then to get thos errors recognised by tools like sshguard
>> and fail2ban.
>
> Do you mean logging IP addresses instead of hostnames?  Just turn off
> UseDNS.  It is off by default since 6.8.

No not really
Digging in my logfiles  , and its things like:
 sshd[84942]: Disconnecting: Too many authentication failures [preauth]

So errors/warnings without IP-nr.

And I think I fixed it on one server to also write:
error: maximum authentication attempts exceeded for root from 
173.254.203.88 port 1042 ssh2 [preauth]


Which when I found out that upstreaming patches from base will be hard, 
because the whole logging in the ports version is totally different.


> If you mean adding IP addresses or hostnames to messages that don't
> already have them, try suggesting it on the openssh-portable mailing
> list (openssh-unix-...@mindrot.org).

Are they still willing to accept changes to the old version that is 
currently in base?


--WjW



___
freebsd-current@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-current
To unsubscribe, send any mail to "freebsd-current-unsubscr...@freebsd.org"

Re: OpenSSH HPN

[Dag-Erling Smørgrav]

Bob Bishop  writes:
> Is removing HPN going to impact the performance of tunnelled X
> connexions?

I don't think so.  It mostly affects the performance of long
unidirectional streams (file transfers) whereas the X protocol, as far
as I know, is a bidirectional exchange of relatively short messages.  It
may make a difference for applications that transfer large textures...
I don't really know enough about the X protocol to say for certain, but
I am typing this in Emacs over a non-HPN SSH connection, and I regularly
tunnel Firefox between the same two machines (RHEL 7 desktop at work and
FreeBSD 10 desktop at home).

DES
-- 
Dag-Erling Smørgrav - d...@des.no
___
freebsd-current@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-current
To unsubscribe, send any mail to "freebsd-current-unsubscr...@freebsd.org"

Re: OpenSSH HPN

[Ben Woods]

On Wednesday, 11 November 2015, Bryan Drewery  wrote:

> On 11/10/15 9:52 AM, John-Mark Gurney wrote:
> > My vote is to remove the HPN patches.  First, the NONE cipher made more
> > sense back when we didn't have AES-NI widely available, and you were
> > seriously limited by it's performance.  Now we have both aes-gcm and
> > chacha-poly which it's performance should be more than acceptable for
> > today's uses (i.e. cipher performance is 2GB/sec+).
>
> AES-NI doesn't help the absurdity of double-encrypting when using scp or
> rsync/ssh over an encrypted VPN, which is where NONE makes sense to use
> for me.
>

I have to agree that there are cases when the NONE cipher makes sense, and
it is up to the end user to make sure they know what they are doing.

Personally I have used it at home to backup my old FreeBSD server (which
does not have AESNI) over a dedicated network connection to a backup server
using rsync/ssh. Since it was not possible for anyone else to be on that
local network, and the server was so old it didn't have AESNI and would
soon be retired, using the NONE cipher sped up the transfer significantly.

If the patch is made easy enough to maintain (as some subsequent posts have
implied), I quote the NONE cipher stays. I would even like to see it
compiled in by default (but disabled in the default configuration file).
That way you wouldn't need a custom compiled base to use it - just edit the
config file.

Regards,
Ben


-- 

--
From: Benjamin Woods
woods...@gmail.com
___
freebsd-current@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-current
To unsubscribe, send any mail to "freebsd-current-unsubscr...@freebsd.org"