[wplug] compression (was: Intro to running (s)ftp service?)

Patrick Wagstrom pwagstro at andrew.cmu.edu
Thu Apr 14 16:27:51 EDT 2005


> The one thing about ftpd vs sshd is speed.  In my experience, on a fast
> network, sshd tops out well below the line speed and is essentially
> processor bound.  FTP (and HTTP to a lesser extent) are much faster and
> operate with a much lower overhead.  It has been my experience that they
> are always network bound.
> 
> At home, I have a DSL line.  SSH is the only thing I transmit over the
> DSL when I want to connect to my home PC from work.  This is because I
> am limited by the relatively low upload speed of my DSL.  At home, when
> I am on a 100Mb network, I never use ssh to transfer files, because it
> is much, much slower than everything else (even SMB).
> 
> Mike

Just a few quick speed hints for using SCP:

The -C flag will tell SSH/SCP to compress stuff.  In general I use it
all the time.  CPUs are so much faster than networks still so
compression is your friend.

Depending on your platform, using the blowfish cipher should be a little
faster than using the default 3des or aes128 (don't quote me on the
aes128 claim, they're both pretty close).  

Most people don't realize, but you can configure all sorts of options on
a global and a per host level in your ~/.ssh/config file.  This is nice
because you can force it to use a different port for certain hosts,
different ciphers, not allow password, only forward X for some hosts,
etc.

Here's a little snippet to drop in your ~/.ssh/config that will make you
use blowfish for your cipher and compress all data going over the
network with GZip at level 6.

Host *
    Compression yes
    Ciphers blowfish-cbc,aes128-cbc,3des-cbc,cast128-cbc,arcfour,aes192-cbc,aes256-cbc

I'm actually a little confused about why exactly this works, as the docs
say it is only for SSH1 and not SSH2, but testing an 11 meg text file
(about 20 copies of Huckleberry Finn repeated over and over), with
compression gave me an overall throughput of 90.6K (11 megs in 1 minute,
51 seconds), without compression gave an overall throughput of 32.8K (11
megs in 4:58).   Totally non-scientific, but good enough for me to
conclude that it's doing something, especially considering that my cable
modem says that its current upstream rate is 384000bps.

At this point, I'll also throw in a quick plug for using mod_gzip (or
the equivalent) on your servers, especially if hosting them over a cable
modem.  For simple HTML you'll usually get compression rates of about
66% or so.  Works great for my server hosted on my cable modem, keeps
the pages zippy.  Most clients support this (yes, even IE supports
compression of data).

--Patrick
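
Added example, not part of the original message: a small Python audit of an ssh_config-style file that reports the Compression setting and classifies each entry on a Ciphers line like the one in the post. The sample config is constructed, and the removed/legacy classification is this example's assumption (the OpenSSH 7.6 release notes dropped blowfish, CAST and arcfour; remaining CBC modes are treated as legacy).

```python
import re

# Assumption of this example: names dropped by OpenSSH 7.6 per its release notes.
REMOVED = {"blowfish-cbc", "cast128-cbc", "arcfour", "arcfour128", "arcfour256"}

SAMPLE_CONFIG = """\
# constructed sample mirroring the snippet in the post
Host *
    Compression yes
    Ciphers blowfish-cbc,aes128-cbc,3des-cbc,cast128-cbc,arcfour,aes192-cbc,aes256-cbc

Host backup.example
    Ciphers=aes256-gcm@openssh.com,aes128-ctr
"""

def classify(cipher):
    """Label one cipher name as removed, legacy-cbc, or ok."""
    if cipher in REMOVED:
        return "removed"
    return "legacy-cbc" if cipher.endswith("-cbc") else "ok"

def audit(config_text):
    """Return {host_pattern: {"compression": bool, "ciphers": [(name, verdict)]}}."""
    report, host = {}, "(global)"
    for raw in config_text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        # ssh_config accepts "Keyword value" and "Keyword=value", case-insensitively.
        m = re.match(r"(\w+)\s*(?:=\s*|\s+)(.*)$", line)
        if not m:
            continue
        key, value = m.group(1).lower(), m.group(2).strip()
        if key == "host":
            host = value
        entry = report.setdefault(host, {"compression": False, "ciphers": []})
        if key == "compression":
            entry["compression"] = value.lower() == "yes"
        elif key == "ciphers":
            # A leading +, - or ^ modifies the default list; strip it before splitting.
            names = [n.strip() for n in value.lstrip("+-^").split(",") if n.strip()]
            entry["ciphers"] = [(n, classify(n)) for n in names]
    return report

def weak(report):
    """Flatten the report to (host, cipher, verdict) for every non-ok cipher."""
    return [(h, c, v) for h, e in report.items() for c, v in e["ciphers"] if v != "ok"]

if __name__ == "__main__":
    for host, cipher, verdict in weak(audit(SAMPLE_CONFIG)):
        print(f"Host {host}: {cipher} -> {verdict}")
```

To see which cipher names the locally installed client actually supports, `ssh -Q cipher` lists them.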


