Do you have a question? Post it now! No Registration Necessary. Now with pictures!
- Posted on
- Forwarded ports are not compressed
- Sam Liddicott
January 17, 2006, 5:12 pm
rate this thread
OpenSSH_3.5p1 (old redhat) boxes I find that only the command stream is
compressed, never the forwarded ports.
I have a 15MB test file that will compress to 1% of its main size.
cat /tmp/flowRoot2144.bmp | ssh -1 -v -v -o Compression=yes -o
Compressionlevel=9 -L999:localhost:22 root@REMOTEHOST 'cat > /tmp/x'
is very quick, but this:
ssh -C -999:localhost:22 -p 22 root@REMOTEHOST
(and then from another terminal)
scp -P 999 /tmp/flowRoot2144.bmp root@localhost:/tmp/x
runs VERY slowly, and iptables packet logging indicates that around 16M
of data is transferred.
Of course I can do:
scp -C -P 999 /tmp/flowRoot2144.bmp root@localhost:/tmp/x
but it's not an SCP I am trying to compress, but the flows over some
What am I doing wrong? Openssh man pages claim: "Requests compression of
all data (including stdin, stdout, stderr, and data for forwarded X11
and TCP/IP connections)" but I fail miserably to find any evidence of it
compressing ports; use of -v -v shows it doesn't even try; except for
the main interactive session which is compressed when I ask.
Re: Forwarded ports are not compressed
This is because that inner scp is encrypting the data, so the outer ssh only
gets to see encrypted data, which is incompressible.
The compression in either SSH-1 or SSH-2 applies to all packets. OpenSSH
would have to jump through some fairly silly hoops to selectively compress
only traffic on the main session. My suspicion is that the traffic you're
port-forwarding isn't as compressible as you think.
- » ssh on command line: force using a group size (prime size) of 1024 (and no...
- — Newest thread in » Secure Shell Forum