Re: Sloooowwwww ssh/scp

On 2007-05-27, Nico <nkadel@xxxxxxxxx> wrote:
On 24 May, 18:21, "Colin B." <cbi...@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote:

We used the default, which is /dev/urandom. This device doesn't block if it
gets 'depleted,' so it shouldn't have any problems keeping up. That said, I'm
seeing 100% CPU utilisation for SCP in most cases, and that 100% is split
evenly between usr and sys.

Hmm. Do other file transfer protocols block this way?

Use of /dev/*random is due to the encryption, specifically key generation
during session establishment. You could implement SSH or HTTPS without
it but it would not be secure.

In OpenSSH, the blocking behaviour can occur when the RNG is seeded
when the process starts up, but does not affect throughput once the
session is established.

If the platform has a decent RNG (and that's most of them from the last
5 or more years) or prngd then it's not normally a problem.

Rsync, FTP, HTTP, or HTTPS?

No, no, no and yes.

--
Darren Tucker (dtucker at zip.com.au)
GPG key 8FF4FA69 / D9A3 86E9 7EEE AF4B B2D4 37C9 C982 80C7 8FF4 FA69
Good judgement comes with experience. Unfortunately, the experience
usually comes from bad judgement.
.