It’s “mpssh-py” 3rd birthday this year! 🙂
I did some stats analysis on my logs and they revealed the following:
This is a proof for the power of interpreted languages and that the single-responsibility design approach for programs helps in making them more reliable.
It’s been five years since the last OpenSSH ciphers performance benchmark. There are two fundamentally new things to consider, which also gave me the incentive to redo the tests:
I tested five different platforms having CPUs with and without AES hardware acceleration, different OpenSSL versions, and running on different platforms including dedicated servers, OpenVZ and AWS.
Since the processing power of each platform is different, I had to choose a criteria to normalize results, in order to be able to compare them. This was a rather confusing decision, and I hope that my conclusion is right. I chose to normalize against the “arcfour*”, “blowfish-cbc”, and “3des-cbc” speeds, because I doubt it that their implementation changed over time. They should run equally fast on each platform because they don’t benefit from the AES acceleration, nor anyone bothered to make them faster, because those ciphers are meant to be marked as obsolete for a long time.
A summary chart with the results follow:
You can download the raw data as an Excel file. Here is the command which was run on each server:
# uses "/root/tmp/dd.txt" as a temporary file! for cipher in aes128-cbc aes128-ctr aes128-gcm@openssh.com aes192-cbc aes192-ctr aes256-cbc aes256-ctr aes256-gcm@openssh.com arcfour arcfour128 arcfour256 blowfish-cbc cast128-cbc chacha20-poly1305@openssh.com 3des-cbc ; do for i in 1 2 3 ; do echo echo "Cipher: $cipher (try $i)" dd if=/dev/zero bs=4M count=1024 2>/root/tmp/dd.txt | pv --size 4G | time -p ssh -c "$cipher" root@localhost 'cat > /dev/null' grep -v records /root/tmp/dd.txt done done
We can draw the following conclusions:
Test results may vary (a lot) depending on your hardware platform, Linux kernel, OpenSSH and OpenSSL versions.
If you have servers that change their IP address, you’ve probably already been used to the following SSH warning:
The authenticity of host '176.34.91.245 (176.34.91.245)' can't be established. ... Are you sure you want to continue connecting (yes/no)? yes
Besides from being annoying, it is also a security risk to blindly accept this warning and continue connecting. And be honest — almost none of us check the fingerprint in advance every time.
A common scenario for this use case is when you have an EC2 server in Amazon AWS which you temporarily stop and then start, in order to cut costs. I have a backup server which I use in this way.
In order to securely avoid this SSH warning and still be sure that you connect to your trusted server, you have to save the fingerprint in a separate file and update the IP address in it every time before you connect. Here are the connect commands, which you can also encapsulate in a Bash wrapper script:
IP=176.34.91.245 # use an IP address here, not a hostname FPFILE=~/.ssh/aws-backup-server.fingerprint test -e "$FPFILE" && perl -pi -e "s/^\S+ /$IP /" "$FPFILE" ssh -o StrictHostKeyChecking=ask -o UserKnownHostsFile="$FPFILE" root@$IP
Note that the FPFILE is not required to exist on the first SSH connect. The first time you connect to the server, the FPFILE will be created when you accept the SSH warning. Further connects will not show an SSH warning or ask you to accept the fingerprint again.
This NAS solution uses OpenSSH for secure transport over a TCP connection, and NFS to mount the volume on your local computer. The hardware of the NAS server is the low-cost Bifferboard.
I’m using an external hard disk via USB which is partitioned in two parts – /dev/sda1 (1GB) and the rest in /dev/sda2. Once you have installed Debian on Bifferboard, here are the commands which further transform your Bifferboard into a secure NAS:
apt-get update apt-get -y install nfs-kernel-server vi /etc/default/nfs-common # update: STATDOPTS='--port 2231' vi /etc/default/nfs-kernel-server # update: RPCMOUNTDOPTS='-p 2233' mkdir -m 700 /root/.ssh # add your public key for "root" in /root/.ssh/authorized_keys echo '/mnt/storage 127.0.0.1(rw,no_root_squash,no_subtree_check,insecure,async)' >> /etc/exports mkdir /mnt/storage chattr +i /mnt/storage # so that we don't accidentally write there without a mounted volume cat > /etc/rc.local <<EOF #!/bin/bash # allow only SSH access via the network /sbin/iptables -P FORWARD DROP /sbin/iptables -P INPUT DROP /sbin/iptables -A INPUT -i lo -j ACCEPT /sbin/iptables -A INPUT -p tcp --dport 22 -j ACCEPT /sbin/iptables -A INPUT -p tcp -m state --state ESTABLISHED -j ACCEPT # TCP initiated by server /sbin/iptables -A INPUT -p udp -m state --state ESTABLISHED -j ACCEPT # DNS traffic # mount the storage volume here, so that any errors with it don't interfere with the system startup /bin/mount /dev/sda2 /mnt/storage /etc/init.d/nfs-kernel-server restart EOF # allow only public key authentication fgrep -i -v PasswordAuthentication /etc/ssh/sshd_config > /tmp/sshd_config && \ mv -f /tmp/sshd_config /etc/ssh/sshd_config && \ echo 'PasswordAuthentication no' >> /etc/ssh/sshd_config reboot
There are two things you should consider with this setup:
On the machine which is being backed up, I use the following script which mounts the NAS volume, starts the rsnapshot backup process and finally unmounts the NAS volume:
#!/bin/bash
set -u
HOST='192.168.100.102'
SSHUSER='root'
REMOTEPORT='22'
REMOTEDIR='/mnt/storage'
LOCALDIR='/mnt/storage'
SSHKEY='/home/famzah/.ssh/id_rsa-home-backups'
echo "Mounting NFS volume on $HOST:$REMOTEPORT (SSH-key='$SSHKEY')."
N=0
for port in 2049 2233 ; do
N=$(($N + 1))
LPORT=$((61000 + $N))
ssh -f -i "$SSHKEY" -c arcfour128 -L 127.0.0.1:"$LPORT":127.0.0.1:"$port" -p "$REMOTEPORT" "$SSHUSER@$HOST" sleep 600d
echo "Forwarding: $HOST: Local port: $LPORT -> Remote port: $port"
done
sudo mount -t nfs -o noatime,nfsvers=2,proto=tcp,intr,rw,bg,port=61001,mountport=61002 "127.0.0.1:$REMOTEDIR" "$LOCALDIR"
echo "Doing backup."
time sudo /usr/bin/rsnapshot weekly
echo "Unmounting NFS volume and closing SSH tunnels."
sudo umount "$LOCALDIR"
for pid in $(ps axuww|grep ssh|grep 6100|grep arcfour|grep -v grep|awk '{print $2}') ; do
kill "$pid" # possibly dangerous...
done
Update, 29/Sep/2010 – performance tunes:
Resources:
💡 Please review the newer tests.
Ever wondered how to save some CPU cycles on a very busy or slow x86 system when it comes to SSH/SCP transfers?
Here is how we performed the benchmarks, in order to answer the above question:
As stated at the Ubuntu man page of ssh_config, the OpenSSH client is using the following Ciphers (most preferred go first):
aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,
aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,
aes256-cbc,arcfour
In order to examine their performance, we will transfer the test file twice using each of the ciphers and note the transfer speed and delta. Here are the shell commands that we used:
for cipher in aes128-ctr aes192-ctr aes256-ctr arcfour256 arcfour128 aes128-cbc 3des-cbc blowfish-cbc cast128-cbc aes192-cbc aes256-cbc arcfour ; do
echo "$cipher"
for try in 1 2 ; do
scp -c "$cipher" test-file root@192.168.100.102:
done
done
You can review the raw results in the “ssh-cipher-speed-results.txt” file. The delta difference between the one and same benchmark test is within 16%-20%. Not perfect, but still enough for our tests.
Here is a chart which visualizes the results:
The clear winner is Arcfour, while the slowest are 3DES and AES. Still the question if all OpenSSH ciphers are strong enough to protect your data remains.
It’s worth mentioning that the results may be architecture dependent, so test for your platform accordingly.
Also take a look at the below comment for the results of the “i7s and 2012 xeons” tests.
Resources:
/contrib/famzah 