Update on Oct. 9, 2014: You should be aware of the possible security problems of blowfish and it is suggested not to be used. Instead, you may consider ChaCha20 as suggested by Tony Arcieri. To use this with OpenSSH, you need to specify the
Ciphers in your .ssh/config files as
email@example.com possibly with another default one since only newer vesion of OpenSSH supports it.
— Tony Arcieri (@bascule) October 9, 2014
— Philipp Jovanovic (@Daeinar) October 8, 2014
Also: do NOT use RC4 in greenfield systems. If you are building something new, there is absolutely zero reason to choose it.
— Tony Arcieri (@bascule) October 8, 2014
ssh/scp are convenient and handy tools on Linux. Is it possible to further improve its speed/performance, especially when transferring files that are large (GBs, not MBs or KBs)? The answer is of course yes.
ssh supports several ciphers. The ciphers used have a large impact on the performance. Jens Neuhalfen and Ivan Zahariev‘s data are roughly the same as my own experience (from faster ones to slower ones):
arcfour >> blowfish >> aes >> 3des
Note that SSH 2 supported ciphers have more variance:
Specifies the ciphers allowed for protocol version 2 in order of preference. Multiple ciphers must be comma-separated. The supported ciphers are 3des-cbc aes128-cbc aes192-cbc aes256-cbc aes128-ctr aes192-ctr aes256-ctr firstname.lastname@example.org email@example.com arcfour128 arcfour256 arcfour blowfish-cbc and cast128-cbc. The default is:
Although arcfour is the fastest, there are concerns about its security.
Hence, my default choice is blowfish for both speed and security. According to the OpenSSH ssh man page:
The supported values are 3des blowfish and des. 3des (triple-des) is an encrypt-decrypt-encrypt triple with three different keys. It is believed to be secure. blowfish is a fast block cipher; it appears very secure and is much faster than 3des.
It delivers around 40MB/s~50MB/s on a 1Gbps link in our cluster. For comparison, the speed is 10+MB/s with the default ciphers used. If you run ssh/scp inside a trusted cluster, arcfour may be also a good choice.
It is also a good idea to enable compression by default so that ssh performs better over a low-bandwidth link, such as a slow Internet connection.
Overall, I put these lines into my
Host * Ciphers blowfish-cbc Compression yes CompressionLevel 6
The first line tells ssh/scp that these configuration applies to all hosts. The Ciphers line tells ssh/scp of version 2 to use blowfish-cbc. The 3rd and 4th lines enable compression and set its level.
To check which ciphers your are using, run
-v parameter and find out lines like this in the "debug1" outputs:
debug1: kex: server->client blowfish-cbc hmac-md5 firstname.lastname@example.org debug1: kex: client->server blowfish-cbc hmac-md5 email@example.com
You can see here that blowfish-cbc is used.