How well does authorized_keys scale?

Question

If I'm using something like gitolite to handle access control how well does authorized_keys scale? Meaning if I have say 50,000 users what will the performance be like (I'm guessing not very good). What are the alternatives?

Update: I decided to do some testing myself (which I should have done in the first place). I wrote a simple script to generate SSH keys and add them to a authorized_keys file. My computer isn't that fast so I only generated 8,061 keys and then added my own to the end, the file ended up being 3.1MB. I then added a git repository with one file and ran git clone three times:

With 8,061 keys (Mine is at the end of the file)
real    0m0.442s
real    0m0.447s
real    0m0.458s

With just a single key:
real    0m0.248s
real    0m0.264s
real    0m0.255s

The performance is much better than I thought it would be. I'm still very interested in any alternatives that may be ~~faster~~ more efficient for a large group of keys 50,000+.

score 8 · Accepted Answer · edited Jul 11 '13 at 20:28

You can actually see the efficiency on GitHub as to how fast this is. You are not going to cause a significant bottleneck with that many keys.

Though as documented in their blog from 2009, they have changed how ssh keys are retrieved, from a database. Hat Tip: @Jeremey

But, you created over 8k keys, you can test again with 50k keys.

Those keys don't need to be valid keys, just write a generator and write the file and then append yours to the end.

How well does authorized_keys scale?

1 Answers1