[23042] in bugtraq
Re: Bug in scp v3.0.1
daemon@ATHENA.MIT.EDU (Brad Arlt)
Wed Oct 31 18:28:57 2001
Date: Wed, 31 Oct 2001 13:42:18 -0700
From: Brad Arlt <arlt@cpsc.ucalgary.ca>
To: bugtraq@securityfocus.com
Message-ID: <20011031134218.A5919@ms210a.cpsc.ucalgary.ca>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <COEPIIFFJPONEJNLHKOEAEDFCGAA.jonathan@cafejesus.com>
On Wed, Oct 31, 2001 at 12:18:47AM -0500, Jonathan A. Zdziarski wrote:
> I was scp'ing a 2MB file to my home computer over a DSL line and just
> happened to run top at the same time. I immediately noticed this line:
>
> 13864 root 1 30 0 2884K 1744K run 0:38 42.00% sshd2
>
> It appears that scp'ing a file over a slow connection causes the process to
> suck up a huge number of resources. There's most likely no usleep()
> somewhere it's needed. A couple scp's over slow connections could severely
> degrade the boxes performance.
>
> This test was performed on a Solaris 8_x86 machine.
If you are refering to SSH Communication Security Inc's SSH2 v3.0.1,
this is a known bug, and they are working on the fix.
It affects all server implimentations (UNIX and Windows). For
a list of all the known bugs check out:
http://www.ssh.com/faq/index.cfm?category=129
I get 99% utilization on a fast link (Cable modem, and 10/100/1000Mb
Ethernet.
----------------------------------------------------------------------------
__o Bradley Arlt Email: arlt@cpsc.ucalgary.ca o__
_ \<_ WWW: www.acs.ucalgary.ca/~bdarlt _>/ _
(_)/(_) -Eat well, sleep peacefully, drink lots, and ride like hell. (_)\(_)
