LISTSERV - SCIENTIFIC-LINUX-USERS Archives

SCIENTIFIC-LINUX-USERS Archives

September 2011

SCIENTIFIC-LINUX-USERS@LISTSERV.FNAL.GOV

	LISTSERV Archives
	SCIENTIFIC-LINUX-USERS Home
	SCIENTIFIC-LINUX-USERS September 2011

	Log In
	Register

	Subscribe or Unsubscribe

	Search Archives

Options:	Use Monospaced Font Show Text Part by Default Show All Mail Headers
Message:	[<< First] [< Prev] [Next >] [Last >>]
Topic:	[<< First] [< Prev] [Next >] [Last >>]
Author:	[<< First] [< Prev] [Next >] [Last >>]

Subject:	Re: How to improve scp speed ??
From:	Vladimir Mosgalin <[log in to unmask]>
Reply To:	Vladimir Mosgalin <[log in to unmask]>
Date:	Thu, 29 Sep 2011 04:29:48 +0400
Content-Type:	text/plain
Parts/Attachments:	text/plain (60 lines)

Hi Pablo Cavero!

 On 2011.09.28 at 17:25:26 -0400, Pablo Cavero wrote next:

> I want to know if exist any tips to have a faster scp transfer. In the
> Client, or in the Server Config.
> 
> I'm testing use the standar SCP and the PSCP, a command extra from the Puty
> apps.
> 
> Home page of Putty:
> http://www.chiark.greenend.org.uk/~sgtatham/putty/
> 
> Link to Download the File, to make and compiling the new commands:
> http://the.earth.li/~sgtatham/putty/latest/putty-0.61.tar.gz
> 
> Well, I see a few best performance in the standar scp, but this command,
> don't support run in a batch, add the user and password like parameter.
> And generate and share the RSA public kay is too much work, when some one
> have to many clients.

Well, adding password as a parameter instead of using public key *is*
bad idea and causes compatibility issues, like you just experienced.

What is too much work, btw? On server, you do ssh-keygen once and then
"ssh-copy-id user@machine" for all your clients, it's simple shell
script where you can replace ssh invocation by something else like
putty, to supply passwords for the copying itself automatically just
like you are doing now - and after that you'll have public key
infrastructure fully set and no more trouble!


Anyhow regarding your question, there is an easy way but how much it'll
help you, depends; it's to use blowfish encryption instead of aes.
Server should already support this, on a client just change chipher
order so "blowfish-cbc" somes first - be that in ssh_config or in
command line, consult the manpage. Obviously, this is solution for
openssh scp, the same thing can be done with putty/pscp but syntax is
different.

It mostly helps by increasing throughput by 30-50% if you are cpu-bound,
but that's not always the case, sometimes something else is the problem,
plus modern intel cpus support hardware aes encryption, which openssl
automatically uses on modern systems (such as SL6), so aes should be
fastest for these systems. Still, give blowfish encryption a try. And of
course, use openssh scp. Also, if your files are compressible, use
compression (-C on commandline, or matching ssh_config option); if they
are not, then turn compression off as it wastes cpu cycles and slows
down encryption. Correct compression setting can increase transfer speed
by a lot.

Probably only way to transfer faster, if you are still cpu-bound, is to
use no encryption, but it isn't safe and requires recompiling openssh
client to enable it.


-- 

Vladimir

ATOM RSS1 RSS2

LISTSERV.FNAL.GOV