I would like to be able to limit SSH bandwidth on my server. I.e. each sshd process should be limited to 200Kb/s or something like that.
scp has this functionality, but ssh, being more designed for responsive interactive use, doesn't seem to have this option. I however, would like to combine the -D (SOCKS proxy) functionality with some ability to somehow limit traffic.
Are there any options for this at all?
I'm not sure if trusting users is part of the equation, but trickle is very handy for limiting the speed of a given command. When I upload packages from home, the WoW-addict roommates notice when I forget something like that, since it pretty much dominates the pipe.
scp -l 8192 file.txt user_name@111.111.1.11:/tmp
//8192 = 8192 KB per second
I know this thread is quite old, but hope this will help someone.
There are a few options.
A common one is to implement QoS on Port 22 on a firewall/router between the server and the clients.
If they are on the same local network (i.e. no routers or firewalls between them), I believe you can use IPTables to limit bandwidth to port 22... Have a look here for more information on how to do this.
It would be worth looking into implementing HTB traffic shaping using tc. My solution to a simular problem was to use the htb.init script found at http://sourceforge.net/projects/htbinit/
I set it up based on limiting traffic from port 22, but you can also use iptables to mark/mangle the packets which are then processed based on the mark.
You could look at something like iprelay:
User-space bandwidth shaping TCP proxy daemon
iprelay can shape the TCP traffic forwarded through it to a specified
bandwidth and allow this bandwidth to be changed on-the-fly. Multiple
data streams to different sockets may be shaped to the same total
bandwidth, much like a traffic shaping router would. However, this
application runs in user space, and works by acting as a TCP proxy.
