Closed ERnsTL closed 8 years ago
dimov-cz
commented
8 years ago HPN is very interesting, but it's not officialy included yet in any distro. Also I know none well maintained repository with patch. And compiling on your own with every security patch is pain and not for everybody.
Client side support will not be so simple. SSH related stuff shoud go to https://sshnet.codeplex.com/. Project seems to be dying, theres no big update since 2014.. But its still the best ssh library probably.
rcproam
commented
8 years ago "HPN is very interesting, but it's not officialy included yet in any distro."
This is not true, the OpenSSH HPN-SSH patches have been included in FreeBSD since 9.0, but since win-sshfs relies on SSH.NET not OpenSSH I would guess it is not possible to merge in the HPN patches.
The only easy option I can see is if win-sshfs switched from SSH.NET to the OpenSSH distribured with Cygwin and included the HPN-SSH patches:
https://github.com/rapier1/hpn-ssh/tree/master/contrib/cygwin http://www.mls-software.com/opensshd.html
...or even better dump SSH.NET and switch to the official Microsoft Win32-OpenSSH (despite the name there are also 64-bit builds):
Greetings, please add the ability and option dialog check-box for optionally using the None cipher.
This is a post-authentication cipher for use inside an otherwise protected or trusted network, eg. inside VPN (already encrypted), office cable LAN, etc. and obviously provides huge performance gains for such situations.
Example code and documentation reference for this "None switch" is available at the website of the Pittsburg Supercomputing Center's website for the High Performance Networking (HPN) SSH patchset.
For reference, the HPN patchset is becoming more and more widespread use, and packages are available in Debian and Ubuntu standard repositories, so it is not something "exotic". The patchset is also backward-compatible; it is the same SSH protocol, the same OpenSSH server software, but optimized buffer handling and windowing, which provides big performance gains, so it is a no-brainer to install it, so I can only assume that its deployment is on the rise.
Besides the other mentioned SSH optimizations from the patchset, the None cipher provides considerable performance boost when network protection / confidentiality on the network is already otherwise protected or not necessary.
It is only one additional cipher without any actual encryption being at work, so implementation effort should be relatively small.
I am not sure, if this issue is to be filed here or at the Dokany library, but I wanted to voice this feature enhancement proposal for the None cipher on some place, to get started.