High Performance SSH/SCP - HPN-SSH

Tomas Mraz tmraz at redhat.com
Thu Jul 12 20:40:26 UTC 2007 

On Thu, 2007-07-12 at 12:02 -0400, Jarod Wilson wrote:
> Jarod Wilson wrote:
> > Rex Dieter wrote:
> >> Farkas Levente wrote:
> >>
> >>> is there any plan to include High Performance SSH/SCP - HPN-SSH into
> >>> fedora's ssh?
> >>> http://www.psc.edu/networking/projects/hpn-ssh/
> >> more questions:
> >> why isn't this feature included in upstream openssh?
> >> are they working to get this feature/code upstream?
> > 
> > I just dropped a query to the hpn-ssh maintainers, as I'd love to have
> > this feature myself, having noticed less-than-spectacular scp
> > performance on gigabit links...
> 
> Fun. So apparently, the hpn-ssh folks have been trying to get this into
> upstream openssh for about 3 years now, and always get put off by
> openssh folks being "too busy to validate such a big patch". However,
> I've been assured the code has been vetted by multiple 3rd-parties, and
> gets heavily utilized in the high-performance networking community, and
> has been without any incompatibilities w/stock openssh or serious bug
> reports in over a year.
> 
> Personally, I'd say lets add it to rawhide and see how it goes... Anyone
> else have an opinion? Adding Tomas to the cc list, since he maintains
> our openssh packages, to solicit his opinion as well...

I'm still a little bit uneasy to allow this patch in. We were trying to
keep as close to upstream as possible. On the other hand we have other
changes we have other patches in like the SELinux changes for MLS and
the recent support for keys in NSS by which we significantly diverge
from upstream already. So maybe we could reconsider applying the HPN
patch or at least some less controversial parts of it.

But also note that ssh was designed to be primarily a protocol for
interactive shell sessions and thus it has its limitations which mean
that it never can be 100% efficient as protocol for large file transfers
or even establishing VPNs. It seems to me that people which want
extremely fast and secure file transfers should use different solutions
like stunnel.
-- 
Tomas Mraz
No matter how far down the wrong road you've gone, turn back.
                                              Turkish proverb

More information about the fedora-devel-list mailing list