[105137] in North American Network Operators' Group
Re: Best utilizing fat long pipes and large file transfer
daemon@ATHENA.MIT.EDU (Kevin Oberman)
Thu Jun 12 22:35:14 2008
To: "Robert E. Seastrom" <rs@seastrom.com>
In-Reply-To: Your message of "Thu, 12 Jun 2008 21:15:49 EDT."
<86od66t9ru.fsf@seastrom.com>
Date: Thu, 12 Jun 2008 19:34:46 -0700
From: "Kevin Oberman" <oberman@es.net>
X-To: "Robert E. Seastrom" <rs@seastrom.com>
Cc: nanog@merit.edu
Errors-To: nanog-bounces@nanog.org
--==_Exmh_1213324486_9366P
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
> From: "Robert E. Seastrom" <rs@seastrom.com>
> Date: Thu, 12 Jun 2008 21:15:49 -0400
>
>
> Randy Bush <randy@psg.com> writes:
>
> > and for those of us who are addicted to simple rsync, or whatever over
> > ssh, you should be aware of the really bad openssh windowing issue.
>
> As a user of hpn-ssh for years, I have to wonder if there is any
> reason (aside from the sheer cussedness for which Theo is infamous)
> that the window improvements at least from hpn-ssh haven't been
> backported into mainline openssh? I suppose there might be
> portability concerns with the multithreaded ciphers, and there's
> certainly a good argument for not supporting NONE as a cipher type out
> of the box without a recompile, but there's not much excuse for the
> fixed size tiny buffers - I mean, it's 2008 already...
Theo is known for his amazing stubbornness, but for area involving
security and cryptography, I find it hard to say that his conservatism
is excessive. Crypto is hard and often it is very non-intuitive. I
remember the long discussions on entropy harvesting and seeding in
FreeBSD which fortunately has cryptography professionals who could pick
every nit and make sure FreeBSD did not end up with Debian-type egg all
over its virtual face.
Than again, the tiny buffers are silly and I can't imagine any possible
security issue there.
--
R. Kevin Oberman, Network Engineer
Energy Sciences Network (ESnet)
Ernest O. Lawrence Berkeley National Laboratory (Berkeley Lab)
E-mail: oberman@es.net Phone: +1 510 486-8634
Key fingerprint:059B 2DDF 031C 9BA3 14A4 EADA 927D EBB3 987B 3751
--==_Exmh_1213324486_9366P
Content-Type: application/pgp-signature
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.9 (FreeBSD)
Comment: Exmh version 2.5 06/03/2002
iD8DBQFIUdzGkn3rs5h7N1ERArTkAJ92aWru7g2EG3ZPCZsVDyjhWeV/EQCgo9C0
a4GU/1J1tCQ3K0q5Mjc3vp4=
=XMgF
-----END PGP SIGNATURE-----
--==_Exmh_1213324486_9366P--
