FTP/FTPS/SFTP/SCP - Speed comparison

networking ftp web scp host
116,020

Solution 1

If you have a fast wide-area network you will find that sftp and scp are about the same speed, which is slow. They both suffer from performance problems in the underlying openssh. With modern hardware, this is not due to encryption overhead, but rather due to problems with the openssh implementation - it implements its own internal windowing mechanism which breaks down on fast connections.

These problems become more obvious on long-distance (higher latency) connections, but I've experienced slowness even on LANs.

These are well-documented, and patches are available to fix the problem. Patching either end of the connection can help; ideally you'd patch both ends. For more info and the patches, see High Performance SSH at Pittsburgh Supercomputer Center.

BTW, encryption overhead can become an issue too, once the windowing problem is solved. The patches have fixes for that too.

Meanwhile, you will find that ftp is woefully insecure; it sends passwords in plain-text.

ftps I think wraps the ftp protocol in SSL. it's probably faster than unpatched SFTP/SCP.

One final note: in my experience, the WinSCP client is (at least sometimes) painfully slow. I don't know why, but based on their FAQ I'm not the only person who's had this problem. So if you're scp'ing from Windows, and it seems slow, try a different client. Even with an unpatched openssh server, you can do much, much better with a different client. I'm not sure which are good clients, unfortunately, other than presumably plain pscp from Putty.

Solution 2

In general all of the protocols will perform about the same. You are more likely to be limited by the speed of your network or disk than by the protocol.

Older versions of OpenSSH (SFTP/SCP) used a fixed window size that will limit the speed over high latency networks (say trans-atlantic). There is a patch set to fix this problem called HPN (High performance networking) and it is included in most modern installs of OpenSSH.

If you are running in to a situation such as a gigabit or faster LAN link and a slower CPU then SFTP/SCP may run into a bottleneck. You'll be able to tell because the ssh/scp/sftp process will be using 100% of cpu on the sending or receiving hosting. If you are using a newer version of OpenSSH (6.4+) you can enable a threaded version of the AES cipher that will be able to use more than 1 core to handle the encryption and will be less likely to be limited by CPU rather than disk or network bandwidth.

If you control both the sending and receiving side, OpenSSH 6+ also has an optional 'NONECIPHER' mode. This uses the regular encryption/keys etc to login to the remote machine, but then drops to an unencrypted connection for the actual file copying. This will remove that CPU overhead. There are safeguards built in to the NONECIPHER than prevent you from getting a shell that is not encrypted.

In the end the protocol should not be the limitation on speed, although older versions of ssh do have trouble with high latency links.

Solution 3

Based on encryption overhead, I'd say that plain FTP probably has slightly better performance than the other protocols, but it's probably negligible. I'd use the protocol that provides the security you need first, then worry about throughput.

That being said, you'll have to set up a test to find the real numbers. Everything above is just my opinion. If you're testing performance locally, set up a server on your network. If the end use will be over the internet, test from an external host.

Solution 4

As always, google holds the answers,
FTP v/s SFTP v/s FTPS
Which says FTP > FTPS > SFTP
FTP also appears to be faster than SCP in someone else's test(http://www.lysesoft.com/support/forums/viewtopic.php?f=5&t=542) but I'd recommend trying it for yourself to see.
So just set up SCP and FTP on any random box on your network, then run a typical file transfer and see how long it takes on both

Share:
116,020
Graham
Author by

Graham

Updated on September 18, 2022

Comments

  • Graham
    Graham over 1 year

    How do FTP, FTPS, SFTP, and SCP compare in terms of transfer rate and how can I compare them through testing?

    • ceejayoz
      ceejayoz over 10 years
      Speed isn't the important difference between FTP and the others.
    • Dan Pritts
      Dan Pritts almost 7 years
      I'm not sure why this was voted off-topic. It is certainly very relevant to my work as a professional sysadmin - why weren't file transfers using anywhere near the bandwidth of the entire connection path?
    • Aaron
      Aaron almost 7 years
      You can compensate for the speed difference of SFTP by using multiple TCP connections driven by LFTP and the mirror subsystem using SFTP without sacrificing security. It can even use multiple threads for one single large file.
  • Dan Pritts
    Dan Pritts over 10 years
    why do you say FTP is an internet protocol and SCP for the LAN?
  • Dan Pritts
    Dan Pritts over 10 years
    Ah, I see you got that from the linked eHow article. eHow is wrong. Both protocols were designed for Internet usage. The article has several other errors; the writer clearly doesn't know what he/she is talking about.
  • Admin
    Admin over 10 years
    Now that I think about it, you're right, I probably should have checked.
  • Jason
    Jason over 10 years
    Sites like eHow never know what they are talking about.
  • Jason
    Jason over 10 years
    Finally. Someone who knows what they are talking about. Yes, FTPS is basically FTP in the SSL. SFTP/SCP will always be slower then when using FTP
  • graywolf
    graywolf about 8 years
    Do you have any idea why I get 300 kb/s with scp while getting around 10 Mb/s (nearly max speed) with sftp? That doesn't seem to be "about the same speed". This is over 100Mbps ethernet.
  • Gomibushi
    Gomibushi almost 8 years
    The performance overhead is orders of magnitudes, not slight. Closer to 10x than 2x slower. I was surprised myself.
  • Dan Pritts
    Dan Pritts almost 8 years
    Best guess, your scp is a flawed implementation (e.g. WinSCP), but your sftp isn't. Even if they are in the same GUI wrapper, they might be different on the inside.
  • Gabriel Staples
    Gabriel Staples over 6 years
    Dan, any idea why this SSH Patch isn't applied to the main OpenSSH? Clearly it's 1~2 orders of magnitude better (>10x even on a 100Mbps LAN) so why isn't this the new OpenSSH standard? How can we make it so?
  • Dan Pritts
    Dan Pritts over 6 years
    My understanding is that PSC submitted the patches to the openbsd folks (who write openssh). They were not interested. I heard vague statements that none of the openbsd people had high-bandwidth connections and they didn't notice any issues, and/or necessarily believe there was a real problem. This was several years ago, and is hearsay, so I can't vouch for its accuracy.
  • bparker
    bparker about 6 years
    I just tried HPN-SSH (installed on both ends) and it didn't help at all. scp/rsync transfers are still 3mbps while the same file over http is 100mbps.
  • Dan Pritts
    Dan Pritts about 6 years
    are you perhaps on really low-powered hardware? Raspberry Pi or something?
  • bparker
    bparker almost 6 years
    Nope @DanPritts, both machines are Core i7 with plenty of RAM and fast disks, about 60ms apart from each other network wise.
  • Dan Pritts
    Dan Pritts almost 6 years
    best guess is that you aren't really running the HPN version on one end or the other. Which isn't much help, I know, but if you haven't double checked, you should.
  • FireController1847
    FireController1847 over 3 years
    As of 2020, is HPN-SSH included in OpenSSH at this point, or is it still something that needs to be separately installed?
  • Dan Pritts
    Dan Pritts over 3 years
    See github.com/rapier1/openssh-portable/blob/master/HPN-README. The repo shows changes 27 days ago, so I expect the answer is that you still need to use it. It's possible they have incorporated some, but not all, of the HPN changes in mainline. I haven't been using it for a while since my performance needs are modest in my current situation so I'm not up on the details. You should also check with your distribution, which may have installed the patches for you.

Recents

Why Is PNG file with Drop Shadow in Flutter Web App Grainy?
How to troubleshoot crashes detected by Google Play Store for Flutter app
Cupertino DateTime picker interfering with scroll behaviour
Why does awk -F work for most letters, but not for the letter "t"?
Flutter change focus color and icon color but not works
How to print and connect to printer using flutter desktop via usb?
Critical issues have been reported with the following SDK versions: com.google.android.gms:play-services-safetynet:17.0.0
Flutter Dart - get localized country name from country code
navigatorState is null when using pushNamed Navigation onGenerateRoutes of GetMaterialPage
Android Sdk manager not found- Flutter doctor error
Flutter Laravel Push Notification without using any third party like(firebase,onesignal..etc)
How to change the color of ElevatedButton when entering text in TextField

Related

Why does SCP hang on copying files larger than 1405 bytes?
Unable to load network image of a YouTube thumbnail Flutter Web
Webpage doesn't update after changing files via FTP
Connection to FTP Always Refused
Setting up a network between a host and guest virtual machine
How to make scp go faster?
How to mount a network drive?
Using scp to copy files from remote to home machine
How to access my FTP from Internet?
Port 21 is open but I can't connect to FTP server