1

I have a gigabit connection between my PC and my server (iperf3 tests show ~930Mbps) and I want to be able to transfer large files as fast as possible. The hard drive on the server is connected via USB3 and it is a Rock64. With ssh (I am using btrbk with ssh) I think the bottleneck is probably ssh because of high CPU usage and hot temps (~60C). I did disable compression although I think it's disabled by default (put it in ~/.ssh/config). I only got speeds of up to 350Mbps maximum but it fluctuated a lot, I don't think the Rock64 can handle the ciphers with that much data. And after a while it slowed to a crawl (less than 1Mbps) for some reason that I'm not sure of. Restarting the transfer worked. (May not be relevant to the question).

I need a cipher that can do about 480Mbps at the least. You can probably lower that number by a bit due to realistic USB3 speeds though. Not too worried about security because it is just Ethernet connections from PC > router > server but no/weak encryption would be overkill anyway. So preferably the most secure cipher that can do above speeds.

Improve this question
4
  • 2
    Encryption shouldn’t effect the write speeds or transfer speeds. The data has already been encrypted by hardware (the client hardware) before the transfer has even started. I don’t understand your question.
    – Ramhound
    Commented Dec 12, 2019 at 7:52
  • @Ramhound If the sender can't keep up with the encryption, the complete transfer is slowed.
    – Eugen Rieck
    Commented Dec 12, 2019 at 9:11
  • @EugenRieck - I guess my point is that USB3 wouldn't be the bottleneck in a case like this. Any bottleneck would be with the Rockchip RK3328 SOC itself.
    – Ramhound
    Commented Dec 12, 2019 at 9:30
  • 1
    And after a while it slowed to a crawl (less than 1Mbps) for some reason that I'm not sure of. That sounds more like the drive being the bottleneck. Is it actually just some lame thumb drive? Also the bus speed of USB 3.0 is 5Gbps (i.e. 5000Mbps).
    – Tom Yan
    Commented Dec 13, 2019 at 0:33

2 Answers 2

Reset to default
1

Every cipher can support 480Mbps - but many CPUs will be unable to perform that cipher fast enough. So what you are looking for is a fast-enough implementation for your CPU.

The chain of execution is 

read from disk -> encrypt -> send over network -> decrypt -> write to disk

So first all you need to make sure, it is really the encryption that hinders you

Start with nc instead of ssh

nc -l -p 9999 > /path/to/destination/file # on the receiving side
nc -N [ip.of.receiver.pc] 9999 < /path/of/original/file # on the sending side

This will take en-/decryption out of the chain and give you an idea of the actual possible speeds.

Next check whether your sending side has hardware-accelerated encryption for some ciphers. Most likely it will not, but it's worth a try.

Trying the arcfour cipher might give you hope

Improve this answer
1

I found an interesting cipher speed blog. It gives you an idea how to measure cipher speed without network.

for i in `ssh -Q cipher`; do dd if=/dev/zero bs=1M count=100 2> /dev/null \
  | ssh -c $i someuser@localhost "(time -p cat) > /dev/null" 2>&1 \
  | grep real | awk '{print "'$i': "100 / $2" MB/s" }'; done

So you can actually measure performance of the ciphers on your specific hardware.

Improve this answer

You must log in to answer this question.

Not the answer you're looking for? Browse other questions tagged .