Subject: Re: Unofficial macppc 2.1 ISO for old world machines
To: der Mouse <mouse@Rodents.Montreal.QC.CA>
From: Sean Winn <firstname.lastname@example.org>
Date: 11/23/2005 06:48:22
der Mouse wrote:
>> Telnet is just a bad idea these days, ssh basically works the same
>> and is not such a bad idea.
> If you think ssh basically works the same as telnet, there really is
> nothing more to discuss, since you are living in a drastically
> different reality from the one I am.
> Each supports a form of remote login, and that's about where the
> similarities end. The way one logs in is different, the additional
> facilities provided beyond login are wildly different, there is a
> *huge* difference in the computational load imposed (if the machines
> are otherwise idle, taking a millisecond rather than a microsecond may
> be no big deal, but if you're doing it a thousand times, it matters)...
> /~\ The ASCII der Mouse
> \ / Ribbon Campaign
> X Against HTML email@example.com
> / \ Email! 7D C8 61 52 5D E7 2D 39 4E F1 31 3E E8 B3 27 4B
Most of the noticeable computational load is in set up (RSA or DH
exchange), once off cost but right where it'll annoy you the most during
an interactive set up.
However, overall SSH has a very wide range of options in selecting the
crypto used - it usually only takes a few minutes to do "openssl speed"
and pick the minimum crypto algorithm to meet your security requirements
that offers the best speed, and place that in the ssh_config Ciphers
line first. They're in compatibility order now (so AES, then 3DES, then
finally the Blowfish and CAST), and overall it's pretty good, but if you
want to squeeze the last bit out of the CPU, blowfish-cbc manages a
better job of it.