2

I have a SFTP server in which large number of clients are connecting, uploading and downloading files of small size (500KB to 2MB). Though there are 200 clients, only 5 to 30 clients will connect at a time. Each clients might download/upload 5 to 100 files at a time.

Some of my clients face timeouts/issues while uploading large number of files. My intention is to speed up the clients connection and permit large number of parallel connections. Server load is not a concern for me. Please suggest a good, high performance configuration for my server.

My sshd settings are below

# sshd -T port 22 protocol 2 addressfamily any listenaddress 0.0.0.0:22 listenaddress [::]:22 usepam 1 serverkeybits 768 logingracetime 120 keyregenerationinterval 3600 x11displayoffset 10 maxauthtries 6 maxsessions 10 clientaliveinterval 0 clientalivecountmax 3 permitrootlogin yes ignorerhosts yes ignoreuserknownhosts no rhostsrsaauthentication no hostbasedauthentication no hostbasedusesnamefrompacketonly no rsaauthentication yes pubkeyauthentication yes kerberosauthentication no kerberosorlocalpasswd yes kerberosticketcleanup yes gssapiauthentication no gssapikeyexchange no gssapicleanupcredentials yes gssapistrictacceptorcheck yes gssapistorecredentialsonrekey no passwordauthentication yes kbdinteractiveauthentication no challengeresponseauthentication no printmotd no printlastlog yes x11forwarding yes x11uselocalhost yes strictmodes yes tcpkeepalive yes permitblacklistedkeys no permitemptypasswords no permituserenvironment no uselogin no compression delayed gatewayports no usedns yes allowtcpforwarding yes useprivilegeseparation yes pidfile /var/run/sshd.pid xauthlocation /usr/bin/xauth loglevel VERBOSE syslogfacility AUTH authorizedkeysfile .ssh/authorized_keys .ssh/authorized_keys2 hostkey /etc/ssh/ssh_host_rsa_key hostkey /etc/ssh/ssh_host_dsa_key hostkey /etc/ssh/ssh_host_ecdsa_key acceptenv LANG acceptenv LC_* subsystem sftp /usr/lib/openssh/sftp-server -l VERBOSE -f LOCAL5 maxstartups 10:100:10 permittunnel no ipqos lowdelay throughput permitopen any
Improve this question
4
  • What kind of load average does top, uptime, etc. show? You may be chasing your tail with service config, what is happening at network level? How about disk I/O ? Commented Aug 3, 2017 at 4:25
  • @ivanivan : Load average (usually 0.00) and other parameters are fine, it is a very powerful server Commented Aug 3, 2017 at 4:28
  • Then I would focus on the network and network traffic... Commented Aug 3, 2017 at 4:31
  • @ivanivan : Those are okay as this server has no other traffic and is dedicated for this particular purpose. I need some adjustments with maxsessions, maxstartups and any other variables Commented Aug 3, 2017 at 4:34

1 Answer 1

Reset to default
1 
maxstartups 10:100:10

is a problem. I basically starts dropping a new connection when there is 10 clients authenticating at the same time. You should increase the first value if you are serving more than 10 users at the same time.

Additionally, you can consider installing HPN-SSH from

https://sourceforge.net/p/hpnssh/wiki/Home/

Which might have some better performance even in the case of network speed up (but you might hit hard-to-debug bugs).

Improve this answer

You must log in to answer this question.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.