Debian Bug report logs - #693424
ssh: Please include HPN (high performance networking) patches for SSH

version graph

Package: openssh; Maintainer for openssh is Debian OpenSSH Maintainers <[email protected]>;

Reported by: Axel Beckert <[email protected]>

Date: Fri, 16 Nov 2012 11:03:01 UTC

Severity: wishlist

Tags: patch, upstream, wontfix

Merged with 292932, 353303, 468222, 726755

Found in versions 1:4.7p1-4, 1:6.2p2-6

Reply or subscribe to this bug.

View this report as an mbox folder, status mbox, maintainer mbox

Report forwarded to [email protected], [email protected], Debian OpenSSH Maintainers <[email protected]>:
Bug#693424; Package ssh. (Fri, 16 Nov 2012 11:03:03 GMT) (full text, mbox, link).

Acknowledgement sent to Axel Beckert <[email protected]>:
New Bug report received and forwarded. Copy sent to [email protected], Debian OpenSSH Maintainers <[email protected]>. (Fri, 16 Nov 2012 11:03:03 GMT) (full text, mbox, link).

Message #5 received at [email protected] (full text, mbox, reply):

From: Axel Beckert <[email protected]>
To: [email protected]
Subject: ssh: Please include HPN (high performance networking) patches for SSH
Date: Fri, 16 Nov 2012 12:00:35 +0100
Package: ssh
Severity: wishlist
X-Debbugs-Cc: Paul Slootman <[email protected]>

Axel Beckert wrote:
> clone 13389 -1
> retitle 13389 Support the "none" cipher
> retitle -1 Include HPN (high performance network) SSH patches (without the "none" cipher patch)
> tag -1 - wontfix
> kthxbye

As that clone failed due to merged bugs and I was thinking about
filing a new bug report anyway, lets do that now:

Please include the patches from
http://www.psc.edu/networking/projects/hpn-ssh/ (without the "none"
cipher patch, see http://bugs.debian.org/13389) in the openssh
package.

Maybe instead of including them in the default SSH binary packages, it
could be an ideal to build separate hpn-ssh binary packages from the
same source, so only those who explicitly want them also get them.

		Regards, Axel
-- 
 ,''`.  |  Axel Beckert <[email protected]>, http://people.debian.org/~abe/
: :' :  |  Debian Developer, ftp.ch.debian.org Admin
`. `'   |  1024D: F067 EA27 26B9 C3FC 1486  202E C09E 1D89 9593 0EDE
  `-    |  4096R: 2517 B724 C5F6 CA99 5329  6E61 2FF9 CD59 6126 16B5

Information forwarded to [email protected], Debian OpenSSH Maintainers <[email protected]>:
Bug#693424; Package ssh. (Fri, 16 Nov 2012 12:24:03 GMT) (full text, mbox, link).

Acknowledgement sent to Colin Watson <[email protected]>:
Extra info received and forwarded to list. Copy sent to Debian OpenSSH Maintainers <[email protected]>. (Fri, 16 Nov 2012 12:24:03 GMT) (full text, mbox, link).

Message #10 received at [email protected] (full text, mbox, reply):

From: Colin Watson <[email protected]>
To: Axel Beckert <[email protected]>, [email protected]
Subject: Re: Bug#693424: ssh: Please include HPN (high performance networking) patches for SSH
Date: Fri, 16 Nov 2012 12:22:03 +0000
tags 693424 wontfix
thanks

On Fri, Nov 16, 2012 at 12:00:35PM +0100, Axel Beckert wrote:
> Please include the patches from
> http://www.psc.edu/networking/projects/hpn-ssh/ (without the "none"
> cipher patch, see http://bugs.debian.org/13389) in the openssh
> package.

Sorry, but I am not going to include any more large and invasive patch
sets in Debian's OpenSSH package, especially not ones that add new
configuration options (upstream has a history of giving such things
different names when they accept them, and then I'm stuck maintaining
configuration file compatibility forever).  This needs to go upstream.

> Maybe instead of including them in the default SSH binary packages, it
> could be an ideal to build separate hpn-ssh binary packages from the
> same source, so only those who explicitly want them also get them.

Absolutely not.  That way lies combinatorial explosion.

Thanks,

-- 
Colin Watson                                       [[email protected]]

Added tag(s) wontfix. Request was from Colin Watson <[email protected]> to [email protected]. (Fri, 16 Nov 2012 12:24:05 GMT) (full text, mbox, link).

Information forwarded to [email protected], Debian OpenSSH Maintainers <[email protected]>:
Bug#693424; Package ssh. (Fri, 16 Nov 2012 12:51:05 GMT) (full text, mbox, link).

Acknowledgement sent to Axel Beckert <[email protected]>:
Extra info received and forwarded to list. Copy sent to Debian OpenSSH Maintainers <[email protected]>. (Fri, 16 Nov 2012 12:51:05 GMT) (full text, mbox, link).

Message #17 received at [email protected] (full text, mbox, reply):

From: Axel Beckert <[email protected]>
To: [email protected]
Subject: Re: Bug#693424: ssh: Please include HPN (high performance networking) patches for SSH
Date: Fri, 16 Nov 2012 13:49:00 +0100
Control: tag -1 + upstream

Hi Colin,

thanks for the prompt reply and the explanations!

Colin Watson wrote:
> On Fri, Nov 16, 2012 at 12:00:35PM +0100, Axel Beckert wrote:
> > Please include the patches from
> > http://www.psc.edu/networking/projects/hpn-ssh/ (without the "none"
> > cipher patch, see http://bugs.debian.org/13389) in the openssh
> > package.
> 
> Sorry, but I am not going to include any more large and invasive patch
> sets in Debian's OpenSSH package, especially not ones that add new
> configuration options

Ok.

> (upstream has a history of giving such things different names when
> they accept them,

Hehe.

> and then I'm stuck maintaining configuration file compatibility
> forever).

Good point!

> This needs to go upstream.

Tagged it accordingly.

> > Maybe instead of including them in the default SSH binary packages, it
> > could be an ideal to build separate hpn-ssh binary packages from the
> > same source, so only those who explicitly want them also get them.
> 
> Absolutely not.  That way lies combinatorial explosion.

Yeah, I know. And it's sometimes hard to find the right balance
between different demands and to many versions.

		Regards, Axel
-- 
 ,''`.  |  Axel Beckert <[email protected]>, http://people.debian.org/~abe/
: :' :  |  Debian Developer, ftp.ch.debian.org Admin
`. `'   |  1024D: F067 EA27 26B9 C3FC 1486  202E C09E 1D89 9593 0EDE
  `-    |  4096R: 2517 B724 C5F6 CA99 5329  6E61 2FF9 CD59 6126 16B5

Added tag(s) upstream. Request was from Axel Beckert <[email protected]> to [email protected]. (Fri, 16 Nov 2012 12:51:05 GMT) (full text, mbox, link).

Information forwarded to [email protected], Debian OpenSSH Maintainers <[email protected]>:
Bug#693424; Package ssh. (Thu, 29 Oct 2015 19:03:04 GMT) (full text, mbox, link).

Acknowledgement sent to Peter Samuelson <[email protected]>:
Extra info received and forwarded to list. Copy sent to Debian OpenSSH Maintainers <[email protected]>. (Thu, 29 Oct 2015 19:03:04 GMT) (full text, mbox, link).

Message #24 received at [email protected] (full text, mbox, reply):

From: Peter Samuelson <[email protected]>
To: [email protected]
Cc: Axel Beckert <[email protected]>
Subject: Re: Bug#693424: ssh: Please include HPN (high performance networking) patches for SSH
Date: Thu, 29 Oct 2015 12:57:10 -0500
[Colin Watson]
> Sorry, but I am not going to include any more large and invasive patch
> sets in Debian's OpenSSH package, especially not ones that add new
> configuration options (upstream has a history of giving such things
> different names when they accept them, and then I'm stuck maintaining
> configuration file compatibility forever).  This needs to go upstream.

Understandable, but too bad.  Apparently this dramatic performance
improvement is unlikely to go upstream:

    "So if HPN-SSH is so awesome why hasn't OpenSSH adopted it? That's
    a long story and people who know the OpenBSD team probably already
    know the answer.  I understand many of their reasons - it's a big
    patch which would require additional work on their end (and they
    are a small team), they don't care as much about performance as
    security (though there is no security implications to HPN-SSH), etc
    etc etc.  However, even though OpenSSH doesn't use HPN-SSH Facebook
    does.  So do Google, Yahoo, Apple, most ever large research data
    center, NASA, NOAA, the government, the military, and most
    financial institutions.  It's pretty well vetted at this point."

        - http://stackoverflow.com/questions/8849240

My own 2c: the NONE cipher and the parallel AES implementation are not
very interesting, because with an Intel Sandy Bridge CPU (with hardware
acceleration for both AES and GCM), the AES + GCM mode ciphers are
_really_ fast.  Anyone who cares about performance should be using
them, and should buy Sandy Bridge or newer CPUs.

But the receive buffer scaling part of the HPN patchset is still
relevant, and in fact quite critical for long fat pipes.  (Fortunately
the various features are broken out into individual patches.)  I wonder
how long until OpenSSH upstream realises that a 1.2 MB window is not
really large enough on today's Internet.

Bug reassigned from package 'ssh' to 'openssh'. Request was from Jeremy Bicha <[email protected]> to [email protected]. (Sun, 11 Dec 2016 22:21:05 GMT) (full text, mbox, link).

Marked as found in versions 1:4.7p1-4 and 1:6.2p2-6. Request was from Jeremy Bicha <[email protected]> to [email protected]. (Sun, 11 Dec 2016 22:21:08 GMT) (full text, mbox, link).

Added tag(s) patch. Request was from Jeremy Bicha <[email protected]> to [email protected]. (Sun, 11 Dec 2016 22:21:08 GMT) (full text, mbox, link).

Merged 292932 353303 468222 693424 726755 Request was from Jeremy Bicha <[email protected]> to [email protected]. (Sun, 11 Dec 2016 22:21:09 GMT) (full text, mbox, link).

Send a report that this bug log contains spam.

Debian bug tracking system administrator <[email protected]>. Last modified: Tue May 13 13:07:58 2025; Machine Name: buxtehude

Debian Bug tracking system

Debbugs is free software and licensed under the terms of the GNU General Public License version 2. The current version can be obtained from https://bugs.debian.org/debbugs-source/.

Copyright © 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson, 2005-2017 Don Armstrong, and many other contributors.