From owner-freebsd-current@FreeBSD.ORG Sun Oct 19 17:35:26 2014 Return-Path: Delivered-To: freebsd-current@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 6DEFAE32 for ; Sun, 19 Oct 2014 17:35:26 +0000 (UTC) Received: from mail-ob0-x22a.google.com (mail-ob0-x22a.google.com [IPv6:2607:f8b0:4003:c01::22a]) (using TLSv1 with cipher ECDHE-RSA-RC4-SHA (128/128 bits)) (Client CN "smtp.gmail.com", Issuer "Google Internet Authority G2" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 350B1C0 for ; Sun, 19 Oct 2014 17:35:26 +0000 (UTC) Received: by mail-ob0-f170.google.com with SMTP id uz6so2812035obc.29 for ; Sun, 19 Oct 2014 10:35:25 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :content-type; bh=TldRSQvw627UiXqyxrebLUfsxfv5bYVDTPnIvSNnnKA=; b=vymGB8d3XbncBYZC3moF0H8mtCQW8Hv8CAPT8iZk/k7sX4xKToIEuJhC9rcSoofp1J bNgMUBOF+5lq4RGRk3j3yJP3MPzmETJ8tUGxgbxe/sCZm+BNqm7UAeoo8hi3Gyc1UiFJ Wv32CA8l3khh5y6a97LJElYHyUPcJnaNJi1UXJxEYxrgiBrHE8amkBgYmvs3Pm8wQfLd hMtt0o9rVDXsSHcbI+0oGONGluHPTPHtrd+nhgnVLQBTMkVcaxr2eS8HcS2u6TDwu2g+ Qxaw+lFDNeeFja8TIvJXGPsrVqnpYvI8oPNjNJ4J/vinTeTggva7HKDUb0VTCKkM/5Kf Un3w== MIME-Version: 1.0 X-Received: by 10.60.178.144 with SMTP id cy16mr2153612oec.60.1413740125518; Sun, 19 Oct 2014 10:35:25 -0700 (PDT) Received: by 10.202.104.195 with HTTP; Sun, 19 Oct 2014 10:35:25 -0700 (PDT) Received: by 10.202.104.195 with HTTP; Sun, 19 Oct 2014 10:35:25 -0700 (PDT) In-Reply-To: <20141019074600.GD82214@funkthat.com> References: <5441E834.2000906@freebsd.org> <544246E8.1090001@ijs.si> <20141019074600.GD82214@funkthat.com> Date: Sun, 19 Oct 2014 10:35:25 -0700 Message-ID: Subject: Re: ssh None cipher From: Freddie Cash To: Mark Martinec , FreeBSD-Current Content-Type: text/plain; charset=UTF-8 X-Content-Filtered-By: Mailman/MimeDel 2.1.18-1 X-BeenThere: freebsd-current@freebsd.org X-Mailman-Version: 2.1.18-1 Precedence: list List-Id: Discussions about the use of FreeBSD-current List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 19 Oct 2014 17:35:26 -0000 On Oct 19, 2014 12:46 AM, "John-Mark Gurney" wrote: > > Freddie Cash wrote this message on Sat, Oct 18, 2014 at 10:21 -0700: > > On Oct 18, 2014 3:54 AM, "Mark Martinec" > > wrote: > > > > > > If the purpose of having a none cipher is to have a fast > > > file transfer, then one should be using sysutils/bbcp > > > for that purposes. Uses ssd for authentication, and > > > opens unencrypted channel(s) for the actual data transfer. > > > It's also very fast, can use multiple TCP streams. > > > > That's an interesting alternative to rsync, scp, and ftp, but doesn't help > > with zfs send/recv which is where the none cipher really shines. > > > > Without the none cipher, SSH becomes the bottleneck limiting transfers to > > around 400 Mbps on a gigabit LAN. With the none cipher, the network becomes > > the bottleneck limiting transfers to around 920 Mbps on the same gigabit > > LAN. > > > > This is between two 8-core AMD Opteron 6200 systems using igb(4) NICs. > > Are you running on HEAD or possibly 10.x (I believe we have OpenSSL > 1.0.x on 10.x)? Nope, 9.2. And I don't think the 6200 series Opterons have AES-NI.