Matthew Dillon wrote: > [...] > CPU overhead is a different beast entirely. SSH has a lot of encryption > and decryption overhead... my transfers over localhost top out at > 21.8 MBytes/sec on my test box.
The good old ssh1 package had a "-c none" option which disabled encryption entirely. Unfortunately the OpenSSH folks removed it for "security reasons". I have a patch that applies to FreeBSD's contrib version of openssh; I think it should be usable on DF, too (but I haven't tried). The patch is very simple. http://www.secnetix.de/~olli/FreeBSD/openssh-cipher-none.patch It is useful in cases where the underlying transport already does encryption anyway (e.g. over IPSEC, an OpenVPN tunnel or whatever), or if you trust the network (e.g. your home LAN, of if it's a direct link between two boxes). It makes a hell of a difference if at least one of the two machines has a slow CPU (or has a fast CPU but is loaded with other processes), and you're scp'ing large amounts of data. Of course you could use rcp, ftp or whatever, but the nice thing with "scp -c none" is that you can still benefit from all the other features of ssh, such as authentication via the authorized_keys file, shortcuts via .ssh/config, easy tunneling of X11 and other connections etc. Best regards Oliver -- Oliver Fromme, secnetix GmbH & Co. KG, Marktplatz 29, 85567 Grafing Dienstleistungen mit Schwerpunkt FreeBSD: http://www.secnetix.de/bsd Any opinions expressed in this message may be personal to the author and may not necessarily reflect the opinions of secnetix in any way.
