[ale] sshd resource intensive??
Drag0n
dragon at atlantacon.org
Sun May 16 15:36:46 EDT 2004
There are various options,
You can set up an IpSEC tunnel with Free/SWAN, or Crypto API built into
the 2.6 kernel.
You can set up a permanent SSH tunnel with lower encryption levels ( I
have seen dramatic performance differences depending on what version of
ssh you use, OpenSSH VS. SSH.com <best results seem to come from SSH.com
to SSH.com connections. Worst being SSH.com to OpenSSH, with Open to
Open right in the middle.>)
There are several hardware accelerators available for hardware
encryption/decryption on the market for use. (one very good product that
will work in linux with a lot of shoehorning is the rainbow cryptoswift
ssl/vpn accelerator they have been aquired by safenet
http://www.safenet-inc.com/products/cryptoswift/index.asp
Drag0n
dragon at atlantacon.org
On Sun, 2004-05-16 at 09:52, Geoffrey wrote:
> Drag0n wrote:
> > Considering that the sender has to encrypt the data on the fly and the
> > receiver has to decrypt it as it receives it, processor speed more than
> > bandwidth determines throughput on local networks. This is to be
> > expected unless you have dedicated ssl accelerators in each machine that
> > ssh has been configured to use.
>
> So considering this issue, anyone have better suggestions for securing a
> wifi connection. vtunnel or openvpn perhaps? I would expect them all
> to have similar overhead issues. As I recall, vtunnel is ssh based
> anyway. Maybe some tweeks to ssh could produce faster processing?
More information about the Ale
mailing list