New on LowEndTalk? Please Register and read our Community Rules.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
Comments
Have you tried running a speed test on your VPS? If you aren't using a VPS for that, instead using the public SSH accounts, then you can't get better than that, it's crap, most of the public servers are heavily abused.
Probably your ssl configuration is poor. Setting sym. crypto to default to aes-128 should easily saturate your pipe. Btw also be sure to use a fast hmac.
How do I make it?
/etc/ssh/ssh_config. There you change the default ciphers/macs (and potentially the available ones). I know of distros where the default is set to 3des or arcfour (both of which are crappy).
I also had an issue with slow browsing speed using a SSH tunnel. The solution for me was to stop using Google's DNS/8.8.8.8 in my VPS (/etc/resolv.conf) and use the OpenDNS ones. For some reason, DNS request done by Firefox over the SSH tunnel were really slow, while doing a nslookup on the VPS itself was super snappy. Since I switched to something else, they are both equally fast. YMMV.
Which chipher do you recommend?
aes-128 plus a sensible mac. chacha-20-12 (or 20-20 if it's supersensitive) plus 25519 is also fine.
No. dns can explain very slow session establishment but not a slow channel.
You're 100% right that it only affects session establishment, and it's exactly what was causing the slow browsing issue I faced. When you load a page, dozens of DNS requests are done while loading the various elements that are not hosted on the same domain (trackers, ads, JS librairies import, static assets in CDN, etc).
Once the channel is established, it's blazing fast, but browsing the web doesn't feel snappy at all if your browser has to wait for every name resolution to be fully completed before it can fully render a page.
That being said, it also depends on what OP is trying to achieve. If it's a download, well yeah, problem is somewhere else.
@bsdguy: I respect you as a member of this community as you seems very knowledgeable, but please don't assume that everyone else is a noob
CPU usage on the tunnel server during download/upload ?
use OpenVPN please..
Funny. I tried to help and now stand accused of thinking others are noobs ...
As for dns: Unless one opens a new page from a new domain every couple seconds - and - dns is routed through the SSH tunnel, too (which is not default or common) dns does not explain the problem.
btw, I just checked the google ns and found it to be very quick.
Please turn off your antivirus in your pc and try again.
Not a very bright idea since browsing is involved...
Please stop using antivirus software.
Shoot the turtle.
Nah... Winblows Defender is cute xD. Filtering at the dns level helps as well.