Subject: Re: SSH on NetBSD 1.5.2, authentication slow?
To: None <rmk@rmkhome.com>
From: Greg Troxel <gdt@ir.bbn.com>
List: netbsd-users
Date: 03/17/2003 08:09:27
With SSH v2, most of the time is in the Diffie Hellman computation.
So really one has to give times for a pair of machines, and the time
for a single machine is not strictly meaningful, unless you mean 'time
ssh ::1 id'.  I've been sloppy about this myself, giving times for a
Sparc 20, but I meant "in the case when the other machine is much
faster", such as when one end is e.g. a 933 MHz PIII and the other a
Sparc Classic or a 486.

Also, unless the DH key size is named, the numbers are not at all
comparable. The 1.6 branch seems to default to 4096 bit keys.

  An Ultra 5 275mhz running 1.6 seems to take about as long as an SS5 running
  1.5.4 with all userland built with COPTS+=-mcpu=supersparc -mtune=supersparc.
  The Ultra 5 is running in 64bit mode.

This seems odd, but unless you verify that the same size keys are
being used, it isn't clear what it means.  I wonder if the bignum code
is using 32 bit chunks or 64 bit chunks on sparc64, and how that fits
with the underlying hardware - I don't know if there is a 64x64=>128
bit integer multiply instruction on sparc64.  -mcpu-supersparc turns
on the use of the 32-bit integer multiply, which is not available on
earlier sparc cpus.  In my experience, ssh v2 speed is really all
about the DH computation (once you don't have any DNS brokenness).

        Greg Troxel <gdt@ir.bbn.com>