SFTP plugin: Make it faster with low effort

[SithLord]

Hi,

SCP/SFTP can be made way faster with low effort. For this, Ghisler would just have to change the CipherList sent to the server and use "Arcfour128" as the only one available.

By default SSH always selects the strongest cipher available which is often AES256 but this is CPU consuming and it's not really needed for a SCP/SFTP sessions wich are, by essence, short-lived as opposed to interactive SSH sessions which need real strong encryption because they usually last longer (and generate way less traffic so not a CPU issue).

For example, on a typical desktop, with "scp -c arcfour128 /path/to/file user@server:/path/to", you achieve Gbps speed limit with arcfour128.

Could it be possible to add a checkbox "Use arcfour128" to the SFTP plugin to make everybody happy ? (those who want speed vs those who want extra strong security).

Using this checkbox would reduce the list of ciphers to "arcfour128" when advertised to the server forcing it to select it. (ie: That's what "-c" does for SCP)

BTW, the same applies to SFTP plugin for TC desktop on Windows of course.

[Horst.Epp]

For the Desktop TC its useles to play around with encryption settings.
On todays hardware the machine always waits for the IO and has no problem to encrypt it in time.

[SithLord]

1/ Not everyone owns modern hardware

2/ There's nothing to play around with: If "Use arcfour128" checkbox is selected, just replace the CipherList with "arcfour128" alone in the API call. One line of code.

3/ Let's put your claim to test : Desktop Corei5 to Server Xeon

pv /dev/zero | ssh -c aes128-ctr user@server "cat - > /dev/null"
=> ~85MB/s

pv /dev/zero | ssh -c arcfour128 user@server "cat - > /dev/null"
=> ~97MB/s

Convincing enough? Not a single bit of slow I/O envolved, all RAM.

And most modern hardware use SSD far superior in performance than Gbps ethernet, no not likely to be the bottleneck

EDIT: Corrected typo