Re: OpenSSH HPN

From: John-Mark Gurney <jmg_at_funkthat.com>
Date: Tue, 10 Nov 2015 23:59:30 -0800
Ben Woods wrote this message on Wed, Nov 11, 2015 at 15:40 +0800:
> On Wednesday, 11 November 2015, Bryan Drewery <bdrewery_at_freebsd.org> wrote:
> 
> > On 11/10/15 9:52 AM, John-Mark Gurney wrote:
> > > My vote is to remove the HPN patches.  First, the NONE cipher made more
> > > sense back when we didn't have AES-NI widely available, and you were
> > > seriously limited by it's performance.  Now we have both aes-gcm and
> > > chacha-poly which it's performance should be more than acceptable for
> > > today's uses (i.e. cipher performance is 2GB/sec+).
> >
> > AES-NI doesn't help the absurdity of double-encrypting when using scp or
> > rsync/ssh over an encrypted VPN, which is where NONE makes sense to use
> > for me.
> 
> I have to agree that there are cases when the NONE cipher makes sense, and
> it is up to the end user to make sure they know what they are doing.
> 
> Personally I have used it at home to backup my old FreeBSD server (which
> does not have AESNI) over a dedicated network connection to a backup server
> using rsync/ssh. Since it was not possible for anyone else to be on that
> local network, and the server was so old it didn't have AESNI and would
> soon be retired, using the NONE cipher sped up the transfer significantly.

If you have a trusted network, why not just use nc?

-- 
  John-Mark Gurney				Voice: +1 415 225 5579

     "All that I will do, has been done, All that I have, has not."
Received on Wed Nov 11 2015 - 06:59:35 UTC

This archive was generated by hypermail 2.4.0 : Wed May 19 2021 - 11:41:00 UTC