2

I regulary backup my computer to my BananaPi with a Hard Disk connected. The Problem is, that the transfer speed over ssh is pretty low because the Pi can't handle AES 256 encryption quick enough. Since this is a save LAN, I'd like to lower the encryption strength to get higher datarates. Preferably only sometimes, because when I administrate things, I would feel better with a higher encryption.

Improve this question
4
  • It is unclear that lowering encryptin will accelerate backup. bottleneck more likely located with disk I/O. However, you can try to reactivate remsh (remote shell, aka rsh, port 23) of old, for testing purpose. Commented Apr 16, 2016 at 7:40
  • it's definitely not disk I/O since pv /dev/zero > x.bin gives me arount 39 MB/s while over ssh I only get 15 Commented Apr 16, 2016 at 7:42
  • You should rather consider setting up some FTP server. If you are running over trusted LAN, I don't think encryption is needed. Commented Apr 16, 2016 at 8:55
  • You could use rsync in its daemon mode where it can use a direct tcp connection with optional compression. Commented Apr 16, 2016 at 9:46

2 Answers 2

Reset to default
2

AES256 uses 14 rounds of the internal encryption algorithm, whereas AES128 only uses 10 rounds and is 40% faster. Add Ciphers [email protected] to your SSH configuration file to use this cipher. You may be able to get even faster speed by using ChaCha20, which uses the string [email protected]. Note that ChaCha20 is not a weak cipher at all, despite being so fast. You can comfortably switch to it and use it for both inconsequential and important tasks.

OpenSSH used to support three RC4 options which are even faster, but they have been disabled due to many severe cryptographic weaknesses in RC4 that can allow plaintext recovery in some circumstances. Determine what ciphers your SSH client supports by running ssh -Q ciphers.

Depending on the speed of your network, you may be able to improve performance by disabling on-the-fly compression. OpenSSH uses the DEFLATE algorithm fixed at compression level 6. This can improve performance in some scenarios, but it's likely to harm performance on a very fast network, especially when you are already CPU-limited.

Finally, if you are copying files using sftp, you may want to consider using rsync instead. It is optimized for fast incremental backups and can use SSH as a backend. It can be configured to only transfer data which has changed, which significantly reduces the network bandwidth requirements.

Improve this answer
0

You might have some luck trying different values of the Ciphers option in your ssh_config. Additionally try reducing or disabling compression if your network connection is fast enough to cope to take some extra load off the CPU.

Improve this answer

You must log in to answer this question.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.