Re: recommended SSL-friendly crypto accelerator
Of course, after I send this, I realize I'm using aes-128 on the ssh
side. Sorry, I can't reconfig the sshd right now, but will try later on
tonight.
-Andrew
On Thu, Apr 15, 2004 at 02:03:17PM -0400, andy@lewman.com wrote 2.3K bytes in 76 lines about:
: Yes, it appears to be both ssh and apache w/ssl.
:
: Here's ssh alone, from console, with single session login with rsa key:
:
: phobos# apachectl stop
: phobos# ./hifnstats
: input 485139168 bytes 1563934 packets
: output 485139168 bytes 1563934 packets
: invalid 0 nomem 0 abort 0
: noirq 0 unaligned 0
: totbatch 0 maxbatch 0
: nomem: map 0 load 0 mbuf 0 mcl 0 cr 0 sd 0
:
: phobos# ./hifnstats
: input 485141328 bytes 1563962 packets
: output 485141328 bytes 1563962 packets
: invalid 0 nomem 0 abort 0
: noirq 0 unaligned 0
: totbatch 0 maxbatch 0
: nomem: map 0 load 0 mbuf 0 mcl 0 cr 0 sd 0
:
: with ssh stopped, apache2 w/ssl hitting an ssl enabled site on the
: server:
:
: phobos# ./hifnstats
: input 485226224 bytes 1565175 packets
: output 485226224 bytes 1565175 packets
: invalid 0 nomem 0 abort 0
: noirq 0 unaligned 0
: totbatch 0 maxbatch 0
: nomem: map 0 load 0 mbuf 0 mcl 0 cr 0 sd 0
:
: <insert site hit here>
:
: phobos# ./hifnstats
: input 485232512 bytes 1565205 packets
: output 485232512 bytes 1565205 packets
: invalid 0 nomem 0 abort 0
: noirq 0 unaligned 0
: totbatch 0 maxbatch 0
: nomem: map 0 load 0 mbuf 0 mcl 0 cr 0 sd 0
:
: And for the heck of it, here's my crypto stats, but this doesn't mean
: it's going through the card; if i'm understanding it correctly.
:
: ./cryptostats
: 1565690 symmetric crypto ops (0 errors, 0 times driver blocked)
: 5 key ops (5 errors, 0 times driver blocked)
: 0 crypto dispatch thread activations
: 5 crypto return thread activations
:
:
: On Thu, Apr 15, 2004 at 11:05:30AM -0400, mike@sentex.net wrote 0.5K bytes in 16 lines about:
: : At 10:51 AM 15/04/2004, andy@lewman.com wrote:
: : >hifnstats shows decent amounts of traffic through it (at least
: : >interrupts) however cryptokeytest doesn't work due to an unsupport call
: : >apparently.
: : >
: : >Here's my hifnstats:
: : >
: : >input 476104224 bytes 1527365 packets
: : >output 476104224 bytes 1527365 packets
: :
: : But is that your ssh session that is being accelerated ? To test, login
: : via the console, or login using blowfish as the cipher. Then run hifnstats
: : and make sure that the packet counters are not incrementing. Then do your
: : https test.
: :
: : ---Mike
:
: --
:
: _______________________________________________
: freebsd-security@freebsd.org mailing list
: http://lists.freebsd.org/mailman/listinfo/freebsd-security
: To unsubscribe, send any mail to "freebsd-security-unsubscribe@freebsd.org"
--
_______________________________________________
freebsd-security@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-security
To unsubscribe, send any mail to "freebsd-security-unsubscribe@freebsd.org"
討論串 (同標題文章)
完整討論串 (本文為第 27 之 30 篇):