[pve-devel] central cipher config
Stefan Priebe - Profihost AG
s.priebe at profihost.ag
Tue Oct 30 10:36:30 CET 2012
Am 30.10.2012 10:31, schrieb Dietmar Maurer:
>> But right now blowfish is hardcoded in proxmox - i don't think that this is a
>> good idea.
>
> That is the fastest cipher available (in squeeze).
Not to me.
Without AES-NI (default squeeze openssl):
arcfour is the fastest.
With AES-NI / patches openssl:
aes128-cbc is the fastest.
Simply tested through 10GBE:
#!/bin/bash
for cipher in aes128-ctr aes192-ctr aes256-ctr arcfour256 arcfour128
aes128-cbc 3des-cbc blowfish-cbc cast128-cbc aes192-cbc aes256-cbc
arcfour ; do
echo "$cipher"
for try in 1 2 ; do
scp -c "$cipher" test.tar root at 10.255.0.24:/tmp/
ssh root at 10.255.0.24 'rm /tmp/test.tar'
done
done
Stefan
More information about the pve-devel
mailing list