Ssh Key Generation Algorithm

SSH provides more than 1 algorithm for encryption of session data. Is the performance of each different? If so, which is the best one?

Answer 1

[...] algorithm for encryption of session data.

You can find out what ciphers your client and server support using (if you have a quite recent version):

ssh -Q cipher
sshd -T | grep ciphers

There are a lot of ancient ciphers that are fast, but no longer considered secure (3des-cbc, blowfish-cbc, arcfour).

The reasonable one is aes*-* (different modes and key sizes from 128 to 256), which is usually implemented as a special instruction in the processor, and that makes it really fast.

The current default is chacha20-poly1305@openssh.com, which is a combination of cipher and MAC (message authentication code) and also does a good job.

In this case, key generation is completely unrelated, because it is used only for establishing the session and for host and client verification/authentication, but not for encryption of session data.
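
An added example, not part of the original answer: a shell function that takes the `ciphers` line printed by `sshd -T` and picks out the legacy ciphers the answer names (3des-cbc, blowfish-cbc, arcfour). The function names and the sample line are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the original answer): audit an sshd cipher list.

# classify_cipher NAME -> prints legacy | aead | aes | unknown
classify_cipher() {
    case "$1" in
        # Ciphers the answer calls fast but no longer secure.
        3des-cbc|blowfish-cbc|arcfour*) echo legacy ;;
        # Cipher and MAC combined in one algorithm (AEAD).
        chacha20-poly1305@openssh.com|aes*-gcm@openssh.com) echo aead ;;
        # Remaining AES variants (different modes and key sizes).
        aes*-*) echo aes ;;
        *) echo unknown ;;
    esac
}

# legacy_ciphers "ciphers a,b,c" -> prints the legacy names, space-separated
legacy_ciphers() {
    list=${1#ciphers }            # drop the keyword that sshd -T prints
    old_ifs=$IFS; IFS=,
    set -f; set -- $list; set +f  # split on commas, no glob expansion
    IFS=$old_ifs
    found=""
    for c in "$@"; do
        if [ "$(classify_cipher "$c")" = legacy ]; then
            found="${found:+$found }$c"
        fi
    done
    echo "$found"
}

# Constructed sample line in the format of `sshd -T | grep '^ciphers '`.
SAMPLE='ciphers chacha20-poly1305@openssh.com,aes128-ctr,aes256-gcm@openssh.com,3des-cbc,arcfour256'

weak=$(legacy_ciphers "$SAMPLE")
if [ -n "$weak" ]; then
    echo "legacy ciphers still enabled: $weak"
else
    echo "no legacy ciphers enabled"
fi

# On a live host (usually needs root):
#   legacy_ciphers "$(sshd -T | grep '^ciphers ')"
```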
