HPN-SSH Wiki
Brought to you by:
hpnssh
Menu
▾
▴
Home
HPN-SSH (1)
OpenSSH (1)
SCP (1)
SFTP (1)
AES-CTR (1)
Cryptography (1)
Performance (1)
gsi-openssh (1)
HPN-SSH is a series of patches for OpenSSH to provide improved performance and functionality. The core of HPN-SSH is the implementation of a dynamic receive side buffer. By allowing this buffer to grow with the TCP receive buffer it's possible to attain significant throughput improvement - up to two orders of magnitude depending on the network path. Patch sets for each OpenSSH release will be found in the appropriate subfolder.
Why does this work? OpenSSH implements SSHv2 - a multiplexed protocol that allows for multiple data connections across a single TCP stream. In order to provide necessary flow control for the individual channels that comprise this multiplexed connection it was necessary to, essentially, reimplement sliding windows on the receive side. This means that only a set amount of data can be outstanding (in transit) between the sender and receiver at any one time. The OpenSSH development team initially had this limited to 64KB (now 1024KB). Over low latency paths (and for interactive sessions) this is perfectly reasonable. However, for the transfer of large files this proves to be a significant bottleneck. This bottleneck was common to many TCP applications prior to the introduction of autotuning receive buffers in the TCP stack.
HPN-SSH brings the current TCP receive buffer size up to the application layer and, by doing so, uses the network far more efficiently.
The HPN-SSH team (Ben Bennet and Mike Tasota) also developed a multi-threaded variant of the AES-CTR cipher so as to allow multicored systems to distribute the burden of computing the keystream over multiple cores. This enhancement produces a cipher stream that is indistinguishable from the default AES-CTR cipher stream. The upshot of this being that it is backwards compliant with all existing AES-CTR implementations - no need to have the multithreaded variant on both sides of the connection. Recent work has also eliminated problems with using the multi-threaded AES-CTR cipher in forked connections (common with forwarded ports) and the sandboxed privsep process. In the 14.15 release a minimum of 4 threads will be created. However in systems with more than 4 cores 2 additional threads will be created for each additional pair of cores over 4. In other words: 4 cores = 4 threads, 5 cores = 4 threads, 6 cores = 6 threads, up to a total of 16 threads. This is dependent on having a linux(sysconf) or BSD(sysctl) compliant method of determing the number of CPU cores programmatically. If not the istance will be limited to 4 threads.
For less sensitive data the team (primarily Micahel Stevens) also developed a method to switch to the NONE cipher after a fully cryptographically secure authentication. This method forces the stream to rekey itself after authentication and only proposes the NONE cipher. This patch may significantly improve performance for users whose processes were previously CPU bound. As the NONE cipher is essentially disallowed outside of debugging in OpenSSH users wishing to make use of the NONE cipher must have this patch installed on both sides of the connection. As an aside, the multi-threaded AES-CTR cipher and the NONE cipher exhibit similar throughput enhancement albeit, in the case of the AES-CTR cipher, of significantly higher CPU load.
Currently the limiting performance factor, in terms of being CPU bound, is the HMAC cipher. HPN-SSH sees the HMAC cipher as being an intrinsically necessary component of SSH. While work is being conducted in order to enhance the performance of the HMAC processing there are no plans to eliminate it now or in the future.
Lastly, the team also created patches to provide for enhanced server side logging and instantaneous throughput rate reporting in SCP.
This current patch set, HPN14v20 for OpenSSH 8.1p1, passes all regression tests, provides a high level of security, and significantly increased performance with minimal fuss.
Note: There was a minor problem in the main patch set (the Kitchen Sink patch). Basically, I failed to pull forward a commit correctly and maintained some typos form a previous version. As of Tuesday, May 27 2014 @ 5:27pm EDT this has been resolved an fixed version of the patch is in place.
is there any reason to not have this work included in the openssh project upstream ?
It's been submitted over the years but for various reasons it was rejected by the OpenSSH team. In large part it's due to the fact that it's a relatively large patch and would require more work to maintain. They have also stated that it doesn't provide enough value to enough people to make the effort worthwhile. I understand their reasoning even if I don't agree with it.
Le 18/06/2021 à 17:10, Chris Rapier a écrit :
i see, thanks for the answer...and the patch :p
--
cordialement,
Ghislain