SunSSH with HW crypto support

On Friday Sep 12, I integrated the 6445288 "ssh needs to be OpenSSL engine aware" project, which will be released together with Nevada 99. The project was targeted at the UltraSPARC T2 platform (AKA Niagara 2) because it provides hardware acceleration of symmetric encryption algorithms that can be used to speed up applications like SSH. Platforms without any hardware acceleration for symmetric ciphers are unaffected. If you have a Niagara 2 and use the new code, you will see the difference without changing your configuration. It will work out of the box.

Many details are in the SunSSH HW crypto support presentation; I will just mention that with the new code, the data transfer time on Niagara 2 is reduced to 40% of the previous value for the default AES-128-CTR mode. Before the change:

$ time dd if=/dev/zero bs=1024k count=500 | \
    ssh t5220-sfb-06 'cat >/dev/null'
real    0m52.718s
user    0m49.720s
sys     0m3.165s

And after I integrated the code into Nevada build 99:

$ time dd if=/dev/zero bs=1024k count=500 | \
    ssh t5220-sfb-06 'cat >/dev/null'
real    0m20.839s
user    0m11.962s
sys     0m6.179s

Note that since Niagara 1 has the ncp(7d) driver, which supports public key algorithms only, you will not see any acceleration there unless you have an SCA-6000 crypto accelerator card. The SCA-6000 can be used for acceleration on other machines as well; see the presentation for more information. Also, see the presentation for information about a possible backport to Solaris 10. In short - there is a plan to do that but we cannot promise anything at this point.

Great presentation!

Hope to see HW crypto support backported to Solaris 10!

Posted by Thorleif Wiik on September 15, 2008 at 07:32 AM CEST #

Very interesting. I too would be interested to see this backported to Solaris 10.

Have you looked at the threaded CTR mode patch from the Pittsburgh Supercomputing Center? It might be interesting to combine your approach with theirs.

Posted by Derek Morr on September 15, 2008 at 09:11 AM CEST #

to Derek: we know about the HPN patches to OpenSSH but I haven't got to it yet. As mentioned in the presentation - combining the HW acceleration with SW parallelism using AES-CTR mode is on our todo list but I'm not sure when we can get to it. The next project seems to be X.509 support which I blogged about some time ago.

Posted by Jan Pechanec on September 15, 2008 at 09:17 AM CEST #

Is it possible to reconsider the backport plan and speed it up? I am sure there are so many T2-based servers that almost every admin will thank you for it. :-)

Posted by Przemyslaw Bak (przemol) on September 18, 2008 at 04:00 AM CEST #

to Przemyslaw: there is nothing we could speed up at this point, we are working on it right now but as I said in the presentation we can't promise anything because it's a complex project to do. We hope this will go to s10u7.

Posted by Jan Pechanec on September 18, 2008 at 04:44 AM CEST #

Oops, tried on a cheap AMD Athlon dual core with Linux Ubuntu.

root@ubuntu:~# time dd if=/dev/zero bs=1024k count=500 | ssh user@ 'cat >/dev/null'
user@'s password:
500+0 Datensätze ein
500+0 Datensätze aus
524288000 Bytes (524 MB) kopiert, 10,8646 s, 48,3 MB/s

real 0m10.896s
user 0m5.996s
sys 0m1.528s

Posted by Alexander Junghans on January 29, 2009 at 08:49 AM CET #

to Alexander:

I'm not sure you understand the problem we were solving here. OpenSolaris will probably generate the same numbers on the hardware you use. The thing is to speed up a single-threaded SSH on one CPU of a T2 machine. That one virtual CPU is quite slow in comparison to the "cheap AMD athlon with 2 cores". However, T2 has 64 virtual CPUs, and we can run the transfer more times in parallel there while you couldn't.

I agree, 48.3MB looks better than 25MB but this is the beginning. The next step is to precompute AES-CTR stream in larger chunks so that we get rid of some HW overhead, and then we would like to harness multiple crypto cores.

cheers, Jan.

Posted by Jan on January 29, 2009 at 09:03 AM CET #
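
The reply above plans to precompute the AES-CTR stream in larger chunks and then spread the work over several crypto cores. The following is an added example, not part of the original post or of SunSSH code, showing why counter mode allows both: each keystream block depends only on the key and the counter, never on the payload. It assumes a stand-in block function (truncated SHA-256, because the Python standard library has no AES) and a simplified 8-byte nonce plus 8-byte counter layout; all names are hypothetical, and it demonstrates equivalence of the results, not speed.

```python
import hashlib
from concurrent.futures import ThreadPoolExecutor

BLOCK = 16  # AES block size in bytes

def block_fn(key: bytes, counter_block: bytes) -> bytes:
    # Stand-in for the AES block encryption (assumption: SHA-256 truncated
    # to 16 bytes, chosen only because the stdlib has no AES). Not AES.
    return hashlib.sha256(key + counter_block).digest()[:BLOCK]

def keystream(key: bytes, nonce: bytes, first: int, count: int) -> bytes:
    # Keystream blocks first..first+count-1; depends on key and counter only.
    return b"".join(block_fn(key, nonce + i.to_bytes(8, "big"))
                    for i in range(first, first + count))

def xor(data: bytes, ks: bytes) -> bytes:
    return bytes(a ^ b for a, b in zip(data, ks))

def ctr_per_block(key: bytes, nonce: bytes, data: bytes) -> bytes:
    # Baseline: one call into the cipher per 16-byte block of payload.
    out = bytearray()
    for off in range(0, len(data), BLOCK):
        out += xor(data[off:off + BLOCK], keystream(key, nonce, off // BLOCK, 1))
    return bytes(out)

def ctr_precomputed(key: bytes, nonce: bytes, data: bytes,
                    chunk_blocks: int = 64, workers: int = 4) -> bytes:
    # Keystream is produced in large chunks, each chunk by a separate worker,
    # then XORed with the payload in one pass.
    total = -(-len(data) // BLOCK)  # ceiling division
    starts = range(0, total, chunk_blocks)
    with ThreadPoolExecutor(max_workers=workers) as pool:
        chunks = list(pool.map(
            lambda s: keystream(key, nonce, s, min(chunk_blocks, total - s)),
            starts))
    return xor(data, b"".join(chunks))

if __name__ == "__main__":
    key, nonce = b"k" * 16, b"n" * 8            # constructed sample values
    payload = bytes(range(256)) * 40 + b"tail"   # 10244 bytes, not block-aligned
    a = ctr_per_block(key, nonce, payload)
    b = ctr_precomputed(key, nonce, payload, chunk_blocks=100, workers=8)
    print(a == b, ctr_precomputed(key, nonce, b) == payload)
```

Because the output is identical for every chunk size and worker count, the receiving side needs no knowledge of how the sender batched or parallelised its keystream.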

Are you aware of this patch for OpenSSH?


Posted by Marc Newman on May 05, 2009 at 11:46 AM CEST #

to Marc: sure, looking at those TCP window issues is on our TODO list, for quite a long time I must admit. We would like to mount more threads as well because AES-CTR is the default cipher mode in SunSSH, and ship 64-bit SSH binaries (at present we ship SSH in 32-bits only) since we can see significant speed-up for some algorithms when 64-bit OpenSSL libraries are used. However, we don't have any ETA as of now.

Posted by Jan on May 06, 2009 at 05:15 AM CEST #

Has there been any update on looking at TCP windows inside Sun_SSH? It is disappointing to have to install OpenSSH with HPN patches because the latest Solaris Patches from Sep2010 do not handle adjusted buffer and window scale size. Just about every commercial environment has a 1g line, and many are moving to 10g, yet ssh is still moving in 100mb world.

Posted by Harry Shoe on September 30, 2010 at 12:25 PM CEST #


Jan Pechanec

