Comment by chasil

2 days ago

The scp program switched to calling sftp as the server in OpenSSH version 8.9, and notably Windows is now running 9.5, so large segments of scp users are now invoking sftp behind the scenes.

If you want to use the historic scp server instead, a command line option is provided to allow this:

"In case of incompatibility, the scp(1) client may be instructed to use the legacy scp/rcp using the -O flag."

https://www.openssh.org/releasenotes.html

The old scp behavior hasn't been removed, but you need to specifically request it. It is not the default.

It would seem to me that an alternate invocation for file transfer could be tested against sftp in high latency situations:

  ssh yourhost 'cat somefile' > somefile

That would be slightly faster than tar, which adds some overhead. Using tar on both sides would allow transfers of special files, soft links, and retain hard links, which neither scp nor sftp will do.

  ssh yourhost 'tar cf - yourdir' | tar xpf -

Windows has also recently added a tar command.

Keep in mind that SCP/SSH might be faster in some cases than SFTP, but in both cases it is still limited to a 2MB application-layer receive window, which is drastically undersized in a lot of situations. It doesn't matter what the TCP window is set to because the OpenSSH window overrides that value. Basically, if your bandwidth-delay product is more than 2MB (e.g. 1gbps @ 17ms RTT) you're going to be application limited by OpenSSH. HPN-SSH gets most of the performance benefit by normalizing the application-layer receive window to the TCP receive window (up to 128MB). In some cases you'll see 100X throughput improvement on well-tuned hosts on a high-delay path.

If your BDP is less than 2MB you still might get some benefit if you are CPU limited and use the parallel ciphers. However, the fastest cipher is AES-GCM and we haven't parallelized that as of yet (that's next on the list).

  • When I need speed, I drop down to FTP/rcp or some other cleartext protocol.

    Moving a terabyte database in an upgrade, I have connected three ports direct (no switch), then used xargs to keep all three connections busy with transferring the 2gb data files. I can get the transfer done in under an hour this way.

    I don't currently have a performance need for an encrypted transfer, but one may arise.
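
The receive-window limit discussed in the thread above, worked through as an added example (not code from any commenter, OpenSSH or HPN-SSH): at most one window of data can be in flight per round trip, so the ceiling is the smaller of the link rate and window/RTT. Assumptions: "2MB" and "128MB" are read as MiB, the sample paths are constructed, and loss, congestion control and cipher CPU cost are ignored.

```python
# Added example: a fixed application-layer receive window capping throughput.
# Assumption: "2MB" / "128MB" from the thread are taken as MiB (2**20 bytes).
from dataclasses import dataclass

MIB = 1024 * 1024
OPENSSH_WINDOW = 2 * MIB      # window size quoted in the thread
HPN_MAX_WINDOW = 128 * MIB    # upper bound quoted in the thread


@dataclass
class PathEstimate:
    bdp_bytes: float          # bandwidth-delay product of the path
    ceiling_bps: float        # best-case rate with the given window
    window_limited: bool      # True when the window, not the link, is the cap


def estimate(link_bps: float, rtt_s: float, window_bytes: int) -> PathEstimate:
    """Best-case throughput when one window can be in flight per round trip."""
    if link_bps <= 0 or rtt_s <= 0 or window_bytes <= 0:
        raise ValueError("link_bps, rtt_s and window_bytes must be positive")
    bdp = link_bps * rtt_s / 8
    window_rate = window_bytes * 8 / rtt_s
    return PathEstimate(bdp, min(link_bps, window_rate), window_bytes < bdp)


def transfer_seconds(size_bytes: int, est: PathEstimate) -> float:
    """Lower bound on transfer time at the estimated ceiling."""
    return size_bytes * 8 / est.ceiling_bps


if __name__ == "__main__":
    # Constructed sample paths: (label, link bits/s, RTT seconds)
    paths = [("LAN", 1e9, 0.0005), ("1gbps @ 17ms", 1e9, 0.017),
             ("10gbps @ 100ms", 10e9, 0.100)]
    for label, bps, rtt in paths:
        small = estimate(bps, rtt, OPENSSH_WINDOW)
        large = estimate(bps, rtt, HPN_MAX_WINDOW)
        print(f"{label:16} BDP={small.bdp_bytes / MIB:8.2f} MiB  "
              f"2MiB cap={small.ceiling_bps / 1e6:8.1f} Mbit/s  "
              f"128MiB cap={large.ceiling_bps / 1e6:8.1f} Mbit/s  "
              f"limited={small.window_limited}")
```
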