[CentOS] Any way to reduce CPU use of OpenSSH?

Michael Iatrou m.iatrou at freemail.gr
Fri Dec 12 12:04:39 UTC 2008

When the date was Thursday 11 December 2008, Steve Snyder wrote:

> On my CentOS v5.2 server (dual Pentium4) the OpenSSH daemon stands out
> as being the most CPU-intensive of the applications running, It's used
> 176 minutes of CPU time in the last 2 days alone.
> Is there any way to lower the CPU utilization without compromising
> security? (I.e. without using a less processor-intensive
> encrypt/decrypt algorithm?)
> I'm getting the CPU use figures from top, so there no fine-grained info
> on exactly what code is taking so much time.  I'm assuming that the
> bulk of the time is spent in the OpenSSL libraries.
> Is there some hardware add-on or processor-specific optimization that
> would reduce the CPU load incurred by OpenSSH?

You can customize you sshd_config to avoid heavy-weight ciphers. The 
following is a reasonable order:

Well, actually, just stay away from 3des. Also, you should disable 

man 5 sshd_config

 Michael Iatrou (cwfo)

More information about the CentOS mailing list