Skip to content
Snippets Groups Projects
New look: Off

Performance issues when cloning over ssh

    • Closed (duplicated) Issue created by Alad Wenter @alad

    Since git clones over https for the AUR are now rate-limited (see commit a144aa45), some dependency chains like ros-noetic-desktop can only be reasonably retrieved over SSH. However, I have very low performance when cloning over ssh:

    Benchmark 1: git clone ssh://aur@aur.archlinux.org/aurutils.git output-$RANDOM
  Time (mean ± σ):      5.536 s ±  0.057 s    [User: 0.099 s, System: 0.004 s]
  Range (min … max):    5.452 s …  5.631 s    10 runs

    Debug log with time stamps:

    ❯ GIT_SSH_COMMAND='ssh -v' git clone ssh://aur@aur.archlinux.org/aurutils.git output-$RANDOM |& ts
Jul 27 13:07:24 Cloning into 'output-19217'...
Jul 27 13:07:24 OpenSSH_9.0p1, OpenSSL 1.1.1o  3 May 2022
Jul 27 13:07:24 debug1: Reading configuration data /home/archie/.ssh/config
Jul 27 13:07:24 debug1: /home/archie/.ssh/config line 4: Applying options for aur.archlinux.org
Jul 27 13:07:24 debug1: Reading configuration data /etc/ssh/ssh_config
Jul 27 13:07:24 debug1: Connecting to aur.archlinux.org [95.216.144.15] port 22.
Jul 27 13:07:24 debug1: Connection established.
Jul 27 13:07:24 debug1: identity file /home/archie/.ssh/id_aur type 0
Jul 27 13:07:24 debug1: identity file /home/archie/.ssh/id_aur-cert type -1
Jul 27 13:07:24 debug1: Local version string SSH-2.0-OpenSSH_9.0
Jul 27 13:07:24 debug1: Remote protocol version 2.0, remote software version OpenSSH_9.0
Jul 27 13:07:24 debug1: compat_banner: match: OpenSSH_9.0 pat OpenSSH* compat 0x04000000
Jul 27 13:07:24 debug1: Authenticating to aur.archlinux.org:22 as 'aur'
Jul 27 13:07:24 debug1: load_hostkeys: fopen /home/archie/.ssh/known_hosts2: No such file or directory
Jul 27 13:07:24 debug1: load_hostkeys: fopen /etc/ssh/ssh_known_hosts: No such file or directory
Jul 27 13:07:24 debug1: load_hostkeys: fopen /etc/ssh/ssh_known_hosts2: No such file or directory
Jul 27 13:07:24 debug1: SSH2_MSG_KEXINIT sent
Jul 27 13:07:24 debug1: SSH2_MSG_KEXINIT received
Jul 27 13:07:24 debug1: kex: algorithm: sntrup761x25519-sha512@openssh.com
Jul 27 13:07:24 debug1: kex: host key algorithm: ssh-ed25519
Jul 27 13:07:24 debug1: kex: server->client cipher: chacha20-poly1305@openssh.com MAC: <implicit> compression: none
Jul 27 13:07:24 debug1: kex: client->server cipher: chacha20-poly1305@openssh.com MAC: <implicit> compression: none
Jul 27 13:07:24 debug1: expecting SSH2_MSG_KEX_ECDH_REPLY
Jul 27 13:07:24 debug1: SSH2_MSG_KEX_ECDH_REPLY received
Jul 27 13:07:24 debug1: Server host key: ssh-ed25519 SHA256:RFzBCUItH9LZS0cKB5UE6ceAYhBD5C8GeOBip8Z11+4
Jul 27 13:07:24 debug1: load_hostkeys: fopen /home/archie/.ssh/known_hosts2: No such file or directory
Jul 27 13:07:24 debug1: load_hostkeys: fopen /etc/ssh/ssh_known_hosts: No such file or directory
Jul 27 13:07:24 debug1: load_hostkeys: fopen /etc/ssh/ssh_known_hosts2: No such file or directory
Jul 27 13:07:24 debug1: Host 'aur.archlinux.org' is known and matches the ED25519 host key.
Jul 27 13:07:24 debug1: Found key in /home/archie/.ssh/known_hosts:4
Jul 27 13:07:24 debug1: rekey out after 134217728 blocks
Jul 27 13:07:24 debug1: SSH2_MSG_NEWKEYS sent
Jul 27 13:07:24 debug1: expecting SSH2_MSG_NEWKEYS
Jul 27 13:07:24 debug1: SSH2_MSG_NEWKEYS received
Jul 27 13:07:24 debug1: rekey in after 134217728 blocks
Jul 27 13:07:24 debug1: get_agent_identities: bound agent to hostkey
Jul 27 13:07:24 debug1: get_agent_identities: agent returned 3 keys
Jul 27 13:07:24 debug1: Will attempt key: /home/archie/.ssh/id_aur RSA SHA256:JiMhjGb21c6uUSaD/pUQFiHF4MHA0FFJDEYWUmzyNls explicit agent
Jul 27 13:07:24 debug1: Will attempt key: archie@fujitsu RSA SHA256:Win29U7ugDdU+LbvUkre6cgak2RLngvPJY5fjcIBA+U agent
Jul 27 13:07:24 debug1: Will attempt key: user@enotty ED25519 SHA256:fBI8pO2OZHdRr48HeRDZWqGLOMxNBL1SMfDmgRhB8MA agent
Jul 27 13:07:24 debug1: SSH2_MSG_EXT_INFO received
Jul 27 13:07:24 debug1: kex_input_ext_info: server-sig-algs=<ssh-ed25519,sk-ssh-ed25519@openssh.com,ssh-rsa,rsa-sha2-256,rsa-sha2-512,ssh-dss,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,sk-ecdsa-sha2-nistp256@openssh.com,webauthn-sk-ecdsa-sha2-nistp256@openssh.com>
Jul 27 13:07:24 debug1: kex_input_ext_info: publickey-hostbound@openssh.com=<0>
Jul 27 13:07:24 debug1: SSH2_MSG_SERVICE_ACCEPT received
Jul 27 13:07:24 debug1: Authentications that can continue: publickey
Jul 27 13:07:24 debug1: Next authentication method: publickey
Jul 27 13:07:24 debug1: Offering public key: /home/archie/.ssh/id_aur RSA SHA256:JiMhjGb21c6uUSaD/pUQFiHF4MHA0FFJDEYWUmzyNls explicit agent
Jul 27 13:07:25 debug1: Server accepts key: /home/archie/.ssh/id_aur RSA SHA256:JiMhjGb21c6uUSaD/pUQFiHF4MHA0FFJDEYWUmzyNls explicit agent
Jul 27 13:07:28 Authenticated to aur.archlinux.org ([95.216.144.15]:22) using "publickey".
Jul 27 13:07:28 debug1: channel 0: new [client-session]
Jul 27 13:07:28 debug1: Requesting no-more-sessions@openssh.com
Jul 27 13:07:28 debug1: Entering interactive session.
Jul 27 13:07:28 debug1: pledge: filesystem
Jul 27 13:07:28 debug1: client_input_global_request: rtype hostkeys-00@openssh.com want_reply 0
Jul 27 13:07:28 debug1: client_input_hostkeys: searching /home/archie/.ssh/known_hosts for aur.archlinux.org / (none)
Jul 27 13:07:28 debug1: client_input_hostkeys: searching /home/archie/.ssh/known_hosts2 for aur.archlinux.org / (none)
Jul 27 13:07:28 debug1: client_input_hostkeys: hostkeys file /home/archie/.ssh/known_hosts2 does not exist
Jul 27 13:07:28 debug1: client_input_hostkeys: no new or deprecated keys from server
Jul 27 13:07:28 debug1: Remote: /usr/local/bin/aurweb-git-auth.sh "%t" "%k":1: key options: command
Jul 27 13:07:28 debug1: Remote: /usr/local/bin/aurweb-git-auth.sh "%t" "%k":1: key options: command
Jul 27 13:07:28 debug1: Sending environment.
Jul 27 13:07:28 debug1: channel 0: setting env GIT_PROTOCOL = "version=2"
Jul 27 13:07:28 debug1: Sending command: git-upload-pack '/aurutils.git'
Jul 27 13:07:29 debug1: client_input_channel_req: channel 0 rtype exit-status reply 0
Jul 27 13:07:29 debug1: client_input_channel_req: channel 0 rtype eow@openssh.com reply 0
Jul 27 13:07:29 debug1: channel 0: free: client-session, nchannels 1
Jul 27 13:07:29 Transferred: sent 4384, received 133096 bytes, in 1.6 seconds
Jul 27 13:07:29 Bytes per second: sent 2767.3, received 84012.6
Jul 27 13:07:29 debug1: Exit status 0

    According to the log the main delay is in verifying the public key.

    Jul 27 13:07:25 debug1: Server accepts key: /home/archie/.ssh/id_aur RSA SHA256:JiMhjGb21c6uUSaD/pUQFiHF4MHA0FFJDEYWUmzyNls explicit agent
Jul 27 13:07:28 Authenticated to aur.archlinux.org ([95.216.144.15]:22) using "publickey".
    To upload designs, you'll need to enable LFS and have an admin enable hashed storage. More information

    Child items ...

    • Activity

    Please register or sign in to reply