[Bug 412441] New: Request for support of HPN-SSH high-performance extension to OpenSSH
https://bugzilla.novell.com/show_bug.cgi?id=412441 User pgnet.trash+F@gmail.com added comment https://bugzilla.novell.com/show_bug.cgi?id=412441#c1 Summary: Request for support of HPN-SSH high-performance extension to OpenSSH Product: openSUSE 11.0 Version: Final Platform: All OS/Version: All Status: NEW Severity: Enhancement Priority: P5 - None Component: Security AssignedTo: security-team@suse.de ReportedBy: pgnet.trash+F@gmail.com QAContact: qa@suse.de Found By: Customer ssh is widely used as a secure comms protocol between enterprise machines across the LAN &/or broadband conections. native ssh suffers from throughput bottlenecks due to static internal flow buffering. the solution is to patch/rebuild using: High Performance SSH/SCP - HPN-SSH http://www.psc.edu/networking/projects/hpn-ssh/ the 'hpn patch' is widely available as an openssh variant in distro/community repos of other distributions. afaict, not @ opensuse ... it's easily deployed, manually: i'm running, uname -a Linux server 2.6.25.11-0.1-xen #1 SMP 2008-07-13 20:48:28 +0200 x86_64 x86_64 x86_64 GNU/Linux check openssh dependencies, rpm -q --whatrequires openssh no package requires openssh get installed ssh's out of the way, rpm -e `rpm -qa | grep -i openssh` get src, zypper si openssh unpack openssh src, patch w/ hpn, repack, cd /usr/src/packages/SOURCES bunzip2 openssh-5.0p1.tar.bz2 tar xvf openssh-5.0p1.tar # NOTE the patch as of 07/25/08 is only available for openssh5.0p1. openssh5.1p1 was just released in the last few days. should sync up soon hopefully ... wget http://www.psc.edu/networking/projects/hpn-ssh/openssh-5.0p1-hpn13v3.diff.gz gunzip openssh-5.0p1-hpn13v3.diff.gz cd openssh-5.0p1 patch -p1 < ../openssh-5.0p1-hpn13v3.diff cd ../ tar -cf openssh-5.0p1.tar openssh-5.0p1/ bzip2 openssh-5.0p1.tar remove audit patch, which is old, and causes %install phase to fail, cd /usr/src/packages//SPECS setenv TARGET `grep "audit.patch" openssh.spec | cut -d":" -f1` grep -i $TARGET openssh.spec Patch44: %{name}-%{version}-audit.patch %patch44 -p1 perl -pi -e 's/^(.*'$TARGET'.*\n)//i' openssh.spec exec %build, cd /usr/src/packages/SPECS rpmbuild -bc openssh.spec manual install, as "rpmbuild -bi openssh.spec" fails, not finding /var/tmp/openssh-build.../ssh-kkeyconverter.1.gz ... cd /usr/src/packages/BUILD/openssh-5.0p1 make install check, ssh -V OpenSSH_5.0p1-hpn13v1, OpenSSL 0.9.8g 19 Oct 2007 works great. we've deployed it to all our boxes on all platforms -- and (so far) no issues. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=412441
User meissner@novell.com added comment
https://bugzilla.novell.com/show_bug.cgi?id=412441#c1
Marcus Meissner
https://bugzilla.novell.com/show_bug.cgi?id=412441
User pgnet.trash+F@gmail.com added comment
https://bugzilla.novell.com/show_bug.cgi?id=412441#c2
pgnet _
https://bugzilla.novell.com/show_bug.cgi?id=412441
User pgnet.trash+F@gmail.com added comment
https://bugzilla.novell.com/show_bug.cgi?id=412441#c3
pgnet _
https://bugzilla.novell.com/show_bug.cgi?id=412441
User meissner@novell.com added comment
https://bugzilla.novell.com/show_bug.cgi?id=412441#c4
Marcus Meissner
https://bugzilla.novell.com/show_bug.cgi?id=412441
User meissner@novell.com added comment
https://bugzilla.novell.com/show_bug.cgi?id=412441#c5
Marcus Meissner
https://bugzilla.novell.com/show_bug.cgi?id=412441
User anicka@novell.com added comment
https://bugzilla.novell.com/show_bug.cgi?id=412441#c6
Anna Bernathova
https://bugzilla.novell.com/show_bug.cgi?id=412441
User pgnet.trash+F@gmail.com added comment
https://bugzilla.novell.com/show_bug.cgi?id=412441#c7
--- Comment #7 from pgnet _
it looks that upstream simply does not have resources to review that huge patch and a will to maintain it
If that's, in fact, the case, then your reticence is well-placed. An alternative that might be considered -- assuming that you deem it valuable to your customers & worth the effort/risk -- is for Novell/SuSE to proactively 'introduce' the HPN author/team to the *Suse build system. In that way (a) a cross-distro solution might be more easily built/maintained (b) collaboration for ongoing maintenance might be better organized (c) Novell/Suse could be seen as facilitating/mmarketing the performance solution. I agree that an un-maintained solution is a poor option. Thanks for your comments. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=412441
User pgnet.trash@gmail.com added comment
https://bugzilla.novell.com/show_bug.cgi?id=412441#c8
pgnet _
participants (1)
-
bugzilla_noreply@novell.com