Somewhere along learning how to build my own blog and LAMP stack, I stumbled across HPN-SSH – a project to improve network performance in SCP file transfers.You can read more about it here.

This is how you can install it:

Install required software for compiling and patching OpenSSH/HPN-SSH:

Download latest versions of OpenSSH portable and HPN-SSH patch into /usr/src:

Extract OpenSSH:

Change directory in extracted folder and apply patch:

Configure OpenSSH:

Remove old config files to prevent any conflicts:

Compile and install:

Now we have the newest version of OpenSSH installed and patched with the improvements from HPN-SSH; however we still need to make some changes to the /etc/ssh/sshd_config to take advantage of them. Near the bottom of your config file you will see a section for HPN related options; I used the following options from other guides I found:

Another important thing to note is that the new sshd config file will reset some of your options like PermitRootLogin so be sure to check those. On my system the SyslogFacility option was commented out so the ssh related messages were logged to /var/log/messages instead of /var/log/secure; this subsequently broke my fail2ban setup since fail2ban was looking for failed authentications in /var/log/secure. To fix this I had to change the SyslogFacility option to:

Don’t forget to restart sshd when you’re finished: