Netslovers
scp
scp is the command-line tool included with the OpenSSH suite of tools, it is designed to securely transfer files to and from remote hosts.
Compression
If you add the following to ~/.ssh/config your files will be compressed in-transit which will reduce the amount of data which is required to transfer
Host *
Compression yes
CompressionLevel 4
Cipher Choices
ssh and scp both support a large number of ciphers, which are used to encrypt your content over the network. You can see the ciphers enabled in your copy of OpenSSH by running “man ssh_config“.
For my personal Debian GNU/Linux machine I see the following ciphers are supported:
- 3des-cbc aes128-cbc aes192-cbc aes256-cbc aes128-ctr aes192-ctr aes256-ctr arcfour128 arcfour256 arcfour blowfish-cbc cast128-cbc
To choose a particular cipher run:
$ ssh -o Cipher=arcfour user@host.example.com
or
$ scp -o Cipher=arcfour local-file user@remote.example.com:
The different ciphers have different performance characteristics, and you can test the timings if you have a large file named test.img by repeatedly copying the file to a remote host using a different cipher each time:
$ for i in aes128-cbc arcfour ; do time scp -o Cipher=$1 test.img user@remote.example.com: ; done
For my personal systems the following were rough timings:
3des-cbc45.48 seconds.aes128-cbc45.39 seconds.aes192-cbc45.01 seconds.aes256-cbc45.50 seconds.aes128-ctr45.29 seconds.aes192-ctr44.40 seconds.aes256-ctr45.88 seconds.arcfour12845.29 seconds.arcfour25645.94 seconds.arcfour42.32 seconds.blowfish-cbc46.02 seconds.cast128-cbc47.07 seconds.
So for my particular setup it seems that arcfour is the fastest cipher to choose. (For reference disabling compression increased the time to transfer my sample file to over 30 minutes!)
