North American Network Operators Group

Re: Best utilizing fat long pipes and large file transfer

  • From: Robert E. Seastrom
  • Date: Fri Jun 13 11:41:11 2008

"Kevin Oberman" <[email protected]> writes:

>> From: "Robert E. Seastrom" <[email protected]>
>> Date: Thu, 12 Jun 2008 21:15:49 -0400
>> 
>> 
>> Randy Bush <[email protected]> writes:
>> 
>> > and for those of us who are addicted to simple rsync, or whatever over
>> > ssh, you should be aware of the really bad openssh windowing issue.
>> 
>> As a user of hpn-ssh for years, I have to wonder if there is any
>> reason (aside from the sheer cussedness for which Theo is infamous)
>> that the window improvements at least from hpn-ssh haven't been
>> backported into mainline openssh?  I suppose there might be
>> portability concerns with the multithreaded ciphers, and there's
>> certainly a good argument for not supporting NONE as a cipher type out
>> of the box without a recompile, but there's not much excuse for the
>> fixed size tiny buffers - I mean, it's 2008 already...
>
> Theo is known for his amazing stubbornness, but for areas involving
> security and cryptography, I find it hard to say that his conservatism
> is excessive. Crypto is hard and often it is very non-intuitive. I
> remember the long discussions on entropy harvesting and seeding in
> FreeBSD which fortunately has cryptography professionals who could pick
> every nit and make sure FreeBSD did not end up with Debian-type egg all
> over its virtual face.
>
> Then again, the tiny buffers are silly and I can't imagine any possible
> security issue there.

Many good reasons to not goof with the crypto.  The window size was
the main thing I was poking at.

                                        ---rob