Re: ssh type of service (tos)

From: Keld Jørn Simonsen (keld_at_dkuug.dk)
Date: 09/23/05 

Date: Fri, 23 Sep 2005 08:10:12 +0000

Den Thu, 22 Sep 2005 20:46:57 -0400. skrev Richard E. Silverman:

>>>>>> "KS" == Keld Jørn Simonsen <keld@dkuug.dk> writes:
>
> KS> Hi I am using openssh for a number of things, including file
> KS> transfer and mirroring, and I would like to be able to do traffic
> KS> policing, such as downgrading the priority of packet of a scp
> KS> transfer. How can I do that? I looked in the man pages and
> KS> googled 'openssh typeofservice' but I did not seem to get anything
> KS> I could use.
>
> KS> I thought maybe adding a keyword 'TypeOfService' for .ssh/config,
> KS> that also could be used by the ssh and scp -o flag could do what I
> KS> wanted.
>
> There's nothing in OpenSSH that can do this -- nor can you do it in the
> network, because the difference between an SSH connection carrying
> terminal traffic and one doing scp is invisible to the outside world (at
> least explicitly), the protocol being encrypted.

Packets are packets an tos are a fundamental part of the packet structure.
So could the tos be set *after* doing the encryption?

> However, you could get the effect simply by using something besides scp
> over ssh to do your file transfers, which has data rate limiting. E.g.:
>
> $ rsync -e ssh --bwlimit ...

Yes, but then I would not use full bandwidth for eg scp when I am not
doing anything.

Relevant Pages

  • Re: ssh type of service (tos)
    ... > KS> googled 'openssh typeofservice' but I did not seem to get anything ... > KJS> Packets are packets an tos are a fundamental part of the packet ... > connection externally depending on whether it's doing scp, ... I see that on my newer system scp sets tos to 0x0 - which was not done on ...
    (comp.security.ssh)
  • Re: how to turn on scp1 compatibility mode in RH9 ?
    ... Your OpenSSH install is somewhat outdated; ... The -t option is not valid for the scp I'm using here; ... debug1: Doing password authentication. ...
    (comp.os.linux.misc)
  • [Full-disclosure] [ GLSA 200602-11 ] OpenSSH, Dropbear: Insecure use of system() call
    ... A flaw in OpenSSH and Dropbear allows local users to elevate their ... privileges via scp. ... Security is a primary focus of Gentoo Linux and ensuring the ...
    (Full-Disclosure)
  • Re: Does OpenSSH use RCP?
    ... > with someone about the difference between OpenSSH and SFTP. ... > SFTP) than SCP will fail. ... OpenSSH uses an implementation that is compatible to the original SSH ...
    (comp.security.unix)
  • [ GLSA 200602-11 ] OpenSSH, Dropbear: Insecure use of system() call
    ... A flaw in OpenSSH and Dropbear allows local users to elevate their ... privileges via scp. ... Security is a primary focus of Gentoo Linux and ensuring the ...
    (Bugtraq)