Announcement

Collapse
No announcement yet.

Speedup SFTP file transfers greatly - HPN-SSH installation

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • Speedup SFTP file transfers greatly - HPN-SSH installation

    HPN-SSH Installation guide

    Supported Operating Systems:
    • Ubuntu/Ubuntu Server 15.10 x32/x64
    • Ubuntu/Ubuntu Server 15.04 x32/x64
    • Ubuntu/Ubuntu Server 14.04 x32/x64

    Manual installation supported:
    • Debian systems
    • Possible other linux distros
    Table of contents:
    1. ​Profits of HPN-SSH
    2. Where to get it
    3. Before the installation
    4. Installation (FINALLY)
      1. Installation from repo
      2. Installation from source

    5. Things to know about hpn-ssh
    6. Test your transfer speed now!

    Warnings:
    Do not attempt SSH removal/reinstallation etc if you don't have other way to connect to the server!

    Don't try to use ubuntu packages on other distros if they aren't package-compatible

    1. Profits of HPN SSH

    HPN-SSH is a modification of original openssh-server. It's meant to allow very fast SFTP transfers. Right now if you have 100 Mb/s download and you try to download file from SFTP then about HALF of your download speed is wasted for the protocol. Using HPN-SSH you can reduce this penalty to less than 5% speed of your download.

    By using this modification you can still have your maximum security profits from SFTP transfer WITH speed of FTPS connection. It's win-win for everyone!

    2. Where to get it

    There are two ways you can get HPN-SSH:



    I highly recommend that you use precompiled packages as you will avoid most problems at start.

    3. Before the installation

    Okay we want to install hpn-ssh to get fast SFTP transfers but... we're currently using SSH to connect to the server and if something breaks then we will be left without being able to connect our own server!

    Solution is simple. Install another program to connect to the server in case if something will break our SSH connection

    I've installed telnet in my case. It's simple, obsolete and insecure program but it should be enough for a moment of installation. Remember to remove it later

    Use this command to install telnet server in Ubuntu:

    Code:
    sudo apt-get install telnetd
    Start the server now

    Code:
    /etc/init.d/inetd start


    Try to connect to your server on port 23 (telnet) now. If you can login without problems we can go to the next part. Don't worry, you can still use SSH connection to make the installation, it won't automatically disconnect during the installation so we may not need telnet at all but better be safe than sorry.

    4. Installation (FINALLY)

    4.1. Installation from repo

    First we need to add hpn-ssh repo to our database as it's not a official repository. Accept SSL key if asked.
    Code:
    sudo add-apt-repository ppa:yoda-jazz-kc/hpn-ssh
    sudo apt-get update
    Now we need to REMOVE SSH. We won't get disconnected, don't worry, we have telnet just in case.
    Code:
    sudo apt-get remove openssh-client openssh-server
    Okay, we are still online (weird, isn't it?). SSH does not exist on disk but it's still loaded in memory

    Now there are several ways to force ubuntu to install SSH from specified repo, they all have cons and pros so I will use SIMPLIEST one. What's the simpliest way? Comment out official repos and let ubuntu update, it will find only one ssh package, one from hpn-ssh. Why use hack like that? Because openssh has a lot of dependencies and they are colliding with each other repo, we would need to type tons of text to get it installed "correct" way. I also tried setting hpn-ssh repo "higher" than official one and it didn't worked so I used this method.

    VNC users can use Synaptic or other GUI tools to turn off official repositories temporarily

    Lets edit /etc/apt/sources.list
    Code:
    nano  /etc/apt/sources.list
    You will see a lot of lines and every line starts with
    Code:
    deb http://mirrors.online.net/ubuntu/ xenial restricted main
    You need to put hash (#) before the line so it will look like that
    Code:
    #deb http://mirrors.online.net/ubuntu/ xenial restricted main
    That will turn off this repository, repeat for every line in this file and save it.

    Okay, now we need to update repos
    Code:
    sudo apt-get update
    Now to be sure that we're installing right one
    Code:
    apt-cache showpkg openssh-server
    It should list only one version available with hpn suffix. Something like that is a good sign
    Code:
    1:7.1p2-hpn14v9-2~ubuntu16.04.1
    And finally
    Code:
    sudo apt-get install openssh-server openssh-client
    As we turned off official repositiories the only one openssh-server package that server has access to is located in 3rd party HPN-SSH repository. Accept the installation.

    Now we need to restart SSH daemon. If everything was done correctly we should be able to connect to the server after sshd restart.
    Code:
     sudo service sshd restart
    Try to make new connection to server by SSH. Did it Worked? Great.

    Now type
    Code:
    ssh -V
    If it says something like
    Code:
    OpenSSH_7.1p2-hpn14v9 Ubuntu-hpn14v9-2~ubuntu16.04.1, OpenSSL 1.0.2g  1 Mar 2016
    Then you did everything correctly. Your high performance SFTP is now ready to use!

    Remember to uncomment official repos and disable openssh-server package from being updated!


    4.2. Installation from source

    Do not do this if you aren't experienced in linux! You've been warned

    Notice that I didn't tested this way! It should work but I can not guarantee!


    Use following git repo - GitHub - rapier1/hpn-ssh: HPN-SSH is a set of patches designed to enhance OpenSSH

    Get original openssh source files from official repo

    Remove SSH
    Code:
    sudo apt-get remove openssh-client openssh-server


    Apply patches, configure
    , compile and install files from git repo (refer to README file)

    Restart sshd
    Code:
     sudo service sshd restart
    Try to make new connection to server by SSH. Did it Worked? Great.

    Now type
    Code:
    ssh -V
    If it says something like
    Code:
    OpenSSH_7.1p2-hpn14v9 Ubuntu-hpn14v9-2~ubuntu16.04.1, OpenSSL 1.0.2g  1 Mar 2016
    Then you did everything correctly. Your high performance SFTP is now ready to use!

    5. Things you need to know about HPN-SSH

    • HPN-SSH is exactly as secure as original openssh is, don't worry about security. It's just about speed.
    • There are almost no cons using HPN-SSH so it should be used everywhere you need fast file transfers
    • You can also set it to turn off encryption after connection was made to speed it up even more but I don't recommend it for torrents
    • HPN-SSH author is currently asking for donations, please consider donating him as this project is very useful for all torrent users.



    6. Test your transfer speed now!

    Before (Openssh-server from official repo)



    After (openssh-server HPN)




    That's all! I hope by writing this guide I will help someone!
    Last edited by GTZero; December 21, 2016, 11:48 AM.

  • #2
    Reserved

    Comment


    • #3
      Guide is ready. Feel free to comment and correct mistakes (if any). Thanks for support!

      Comment


      • #4
        Thanks for the guide GT.

        Once we remove ssh and install HPN, where would I go to edit ssh port so I can connect to the box again? (yes, I am planning on install telnet as back up)

        Comment


        • #5
          Config files are the same as for original SSH as HPN-SSH is only a modification of source code. If you remove ssh and then install hpn version it will automatically use "old" config files so you don't need to change anything.

          Config files for SSH are here
          Code:
          /etc/ssh/sshd_config

          Comment


          • #6
            Originally posted by GTZero View Post
            Config files are the same as for original SSH as HPN-SSH is only a modification of source code. If you remove ssh and then install hpn version it will automatically use "old" config files so you don't need to change anything.

            Config files for SSH are here
            Code:
            /etc/ssh/sshd_config
            Thank you Sir.

            Comment


            • #7
              The system STILL doesn't let me give you any more rep points, but... REP!

              Comment


              • #8
                I hope guide is useful, I would like to see if someone tested it.

                EDIT:: Thanks, I appreciate it!
                Last edited by GTZero; December 26, 2016, 12:46 PM.

                Comment


                • #9
                  Thanks for the guide!

                  Comment

                  Working...
                  X