secure file transfer?

destrekor

Lifer
Nov 18, 2005
28,799
359
126
http://waste.sourceforge.net/

that is what WASTE is
we are trying to set something up here at school to access files at home and we need highspeed transfers.. the network will support extremely high transfer speeds, so bandwidth is not a problem. but waste doesn't provide the speeds that we need, and SFTP does not either.

is there anything out there that will provide the ability for multiple users to connect to the server/remote host and all gain as fast as speeds as the link supports? and it needs to be secured/encrypted... regular FTP, while it would solve bandwidth concerns, does not provide the security. transfers need to be encrypted so activity cannot be viewed.

thanks
 

destrekor

Lifer
Nov 18, 2005
28,799
359
126
well i understand there will be overhead
all encryption normally causes overhead, does it not?

here's the thing.. at night the network provides the ability of roughly 100mbps on the WAN link, and most of us that want access from home have a 5mbps cable connection. Theoretically, we should all be able to max out our cable connections, even with overhead, would we not? How much overhead will encryption cause?

sftp was giving a downspeed of like 5KB/s down (5mbps provides about 550+ KB/s), and WASTE was giving about 40-80KB/s
sure we are being picky, but we kind of need higher-speed transfers, we have large files and can't tie up that link forever.

thanks
 

n0cmonkey

Elite Member
Jun 10, 2001
42,936
1
0
Have you tried the high performance patches for OpenSSH?

What's your upload (5mb is typically the download)?
 

destrekor

Lifer
Nov 18, 2005
28,799
359
126
our upload from home is about 384kbps
but the upload/download from school is 100mbps, and we wouldn't be uploading much... we just want to focus on getting as close to the 5mbps down from the school server to our homes
this should be possible

we are looking for a GUI, does OpenSSH (SFTP, I assume?) provide a GUI?
and what is that patch you speak of?

either way if its possible we would like to dodge SSH/SFTP altogether
 

skace

Lifer
Jan 23, 2001
14,488
7
81
Originally posted by: destrekor
well i understand there will be overhead
all encryption normally causes overhead, does it not?

here's the thing.. at night the network provides the ability of roughly 100mbps on the WAN link, and most of us that want access from home have a 5mbps cable connection. Theoretically, we should all be able to max out our cable connections, even with overhead, would we not? How much overhead will encryption cause?

sftp was giving a downspeed of like 5KB/s down (5mbps provides about 550+ KB/s), and WASTE was giving about 40-80KB/s
sure we are being picky, but we kind of need higher-speed transfers, we have large files and can't tie up that link forever.

thanks

Do you have any tests that prove you would get 5mb/s from home unencrypted? Or is this all theoretical. The reason I am asking is because WASTE has always been pretty accurate for me outside of the obvious overhead. I've never tried to pull 5mbs, is someone monitoring the server while these transactions are occuring to see if it can handle the load?

Have you done waste tests internally?

IE: If you setup WASTE on 1 server and connect to it via a bunch of internal clients and pull 10mbs then you know the server and the application are not your limitations, you've directly narrowed it down to your external communication.
 

n0cmonkey

Elite Member
Jun 10, 2001
42,936
1
0
Originally posted by: destrekor
our upload from home is about 384kbps
but the upload/download from school is 100mbps, and we wouldn't be uploading much... we just want to focus on getting as close to the 5mbps down from the school server to our homes
this should be possible

I read the earlier posts wrong. Upload shouldn't be too much of an issue. :eek:

we are looking for a GUI, does OpenSSH (SFTP, I assume?) provide a GUI?

No, but there are GUIs out there if you swing that way. WinSCP is something I use at work.

and what is that patch you speak of?

"high performance scp" in google provided the link.

But to quote an OpenSSH developer:
the "HPN" patch greatly improves throughput for long and fat (high
bandwidth, high latency) connections, but slows things down
significantly for low latency connections. One of the OpenSSH developers
saw around a 15% slowdown on LAN to LAN copies.

It needs work.

either way if its possible we would like to dodge SSH/SFTP altogether

Why?
 

destrekor

Lifer
Nov 18, 2005
28,799
359
126
there may be a limitation
I will have to bring it up in class tomorrow and attempt it, although I wanna say we did..
actually we did not.. we did everything using remote desktop to our home computers, never did it through the LAN

the server is a beefy RAID machine (like 2 or 3tb of storage) and has provided great throughput when multiple clients in class were pulling files off of it
and we never did a non-secure test, because of the fact that it wouldn't be secure.
its unlikely that we'd get the 100mbps, but should get a decent amount of that. And unless every single person in class was pulling the max they could off the server, say only a few people, then we should still get close to maximum throughput. that 100mbps is a shared fiber link between a few school systems, but at night its not likely that anybody would be using that bandwidth. I mean, I'd have to think that we are about the only class that would be using the bandwidth to move files at night. Most file transfers are all inside of the network, with the exception of downloads that usually only happen during the schoolday. At night that bandwidth should be freed up.
 

skace

Lifer
Jan 23, 2001
14,488
7
81
Well, I'd suggest doing the WASTE test on the internal LAN and if it works fine, you've found a flaw in your theory that you would actually get 5mbs to your home connections. Then I suppose you'd need to find more information about what hops you are going through to go from that server to your home pc and where the slowdown might be.
 

destrekor

Lifer
Nov 18, 2005
28,799
359
126
the reason we want to dodge SFTP, is last time they configured it, it took a long time and was complicated and didn't even end up providing the bandwidth.
I likely wouldnt be able to set it up myself, it would be the teacher or maybe the teacher and myself working together. But the fact remains that we are looking for an easy way out, I guess is how it should be put. We aren't afraid of a few configurations, but they said it took some work configuring it. I am not sure what was involved in the setup, so I cannot speak for either them or myself when it comes to the hassle of setting it up. I am going from word of mouth.

so if we use SFTP, that patch seems like what we would need. BUT, does it work for all SFTP clients? I was looking at freeFTPd as the server and WinSCP for the client.
 

n0cmonkey

Elite Member
Jun 10, 2001
42,936
1
0
The patch is for OpenSSH, which is the best server out there. It should be included and already configured, unless you're using a brain dead OS. I'm not sure if it works for all clients, I haven't tested it or read through it.
 

destrekor

Lifer
Nov 18, 2005
28,799
359
126
the box has Windows Server 2003 on it, so I'd assume its included then? So we just have to start the service then, I'd assume by pointing to what directories to include? Then we just use a compatible client?
and this is completely secure? none of the transfers can be logged and the files being transferred can't be seen?
 

n0cmonkey

Elite Member
Jun 10, 2001
42,936
1
0
Originally posted by: destrekor
the box has Windows Server 2003 on it, so I'd assume its included then? So we just have to start the service then, I'd assume by pointing to what directories to include? Then we just use a compatible client?

You've installed one of the brain dead OSes. I'd suggest you install a better one.

and this is completely secure? none of the transfers can be logged and the files being transferred can't be seen?

Nothing is completely secure. But transfers aren't logged, so you can transfer as much donkey porn as you want, and files are encrypted.
 

destrekor

Lifer
Nov 18, 2005
28,799
359
126
its not my choice what OS is on the box, its not mine. its the networking teacher's/class's box
so we'll have to download OpenSSH? Is it Windows compatible?
and actually Server 2003 is a much better OS than one might think. Sure its not Linux server OS, but its still great and mighty stable.
and i truely prefer linux servers too
 

n0cmonkey

Elite Member
Jun 10, 2001
42,936
1
0
Originally posted by: destrekor
its not my choice what OS is on the box, its not mine. its the networking teacher's/class's box
so we'll have to download OpenSSH? Is it Windows compatible?

No idea. I'm sure Microsoft has some kind of encrypted file sharing technology. Right?

Why not PGP the files on the server and use regular FTP?

and actually Server 2003 is a much better OS than one might think. Sure its not Linux server OS, but its still great and mighty stable.
and i truely prefer linux servers too

I don't care much for Linux. It's ok, I guess.
 

destrekor

Lifer
Nov 18, 2005
28,799
359
126
what server do you use thats not braindead then? Some build of Unix, an Apple OS X server, or Sun? just curious

and PGP?
 

n0cmonkey

Elite Member
Jun 10, 2001
42,936
1
0
Originally posted by: destrekor
what server do you use thats not braindead then? Some build of Unix, an Apple OS X server, or Sun? just curious

Linux isn't braindead, it's just annoying. Every OS is annoying, to a degree. :p

I use Linux, OpenBSD, and Solaris on the server front. On the desktop I generally use OpenBSD and Mac OS X.

I'd like to throw some DragonflyBSD and NetBSD in there too, but I'm short on time/money.


Pretty Good Privacy. You can encrypt and sign files.
 

skace

Lifer
Jan 23, 2001
14,488
7
81
Surprised you didn't do the WASTE test yet. Most simple thing. I mean, as far as I've read, you haven't done a single internal test with any applications and all of your expected speed results are theoretical. That would be like me assuming I will get 1gbs from home because my wan here is 1gbs. Doesn't happen, I don't even get 1gbs here. There's overhead, theres contention, saturation of certian switches, etc.
 

destrekor

Lifer
Nov 18, 2005
28,799
359
126
sure we're basing our expectations on theoretical speeds, but even with layer1 and layer 2 problems, the fact remains the school is connected to the internet via a shared 100mbps fiber line. at night, we should get most, if not all of that bandwidth.
even with ONE person connecting, and all the issues with the connection possible, and that bandwidth not being dedicated... one person should be able to max out their down speed at home. theoretical or not...
and tomorrow or friday (friday guaranteed) I will get a chance to personally mess around Waste internally
I am also attempting to configure OpenSSH For Windows... blah way too much fun with that to try anything else ;)
 

hooflung

Golden Member
Dec 31, 2004
1,190
1
0
You will never tap 5 mb out of one connection client/server connection over most broadband companies where you data cap is 5 mb. Doesn't matter about the upload speed in this matter, cable and dsl companies limit you. Not to mention you want to use RSA encryption. You may tap 5 mb out of multiples however client/server connections. Seems to me you just need to use trillian and all have winscp connected to an STFP server on the win2k3 server at school.