Date:      Fri, 13 Jun 2008 13:02:07 +0200
From:      Kris Kennaway <kris@FreeBSD.org>
To:        Brooks Davis <brooks@freebsd.org>
Cc:        freebsd-net@freebsd.org, Peter Losher <Peter_Losher@isc.org>
Subject:   Re: ssh window
Message-ID:  <485253AF.4000000@FreeBSD.org>
In-Reply-To: <20080613025157.GA90190@lor.one-eyed-alien.net>
References:  <4851CC95.8070902@psg.com> <4851CD9D.3010801@isc.org> <20080613025157.GA90190@lor.one-eyed-alien.net>

Brooks Davis wrote:
> On Thu, Jun 12, 2008 at 06:30:05PM -0700, Peter Losher wrote:
>> Randy Bush wrote:
>>> this has been a cause of great pain for a loooong time.
>>>
>>>    http://www.psc.edu/networking/projects/hpn-ssh/
>>>
>>> as openssh seems not to be fixing it (and i do not consider a 2mb fixed
>>> buffer to be fixed, especially not from a 100mb link here in tokyo and
>>> servers in the states, europe, and africa), perhaps i could convince
>>> freebsd net folk to do so?
>> FYI - HPN is already a build option in the openssh-portable port.
> 
> I do think we should strongly consider adding the rest of it to the base.
> 
> -- Brooks

There seem to be a couple of issues:

1) Connection aborts during interactive use.  I started using this patch 
only yesterday but already a couple of times my interactive session to a 
machine has aborted from typing one character to the next.  It doesn't 
seem to be affecting non-interactive use.  I have not investigated this yet.

2) -c none handling is a bit weird.  There is no way to shut up the 
warnings on non-interactive connections ("WARNING: ENABLED NONE CIPHER"; 
yes, I know, because I WROTE THAT SCRIPT :).  Also it doesn't fall back 
gracefully if the other side doesn't support -c none; it just aborts the 
collection.  This means you can't automatically interoperate with a 
non-HPN server if you want to use 'none' encryption.  This is not 
related to the buffer handling but it is part of the same patch set.  I 
really like the idea of -c none, but I think they have gone overboard 
with the paranoia.

Kris


