Hi,

I have recently set up xinetd to manage sshd on a server. The problem is that there is approximately a 2 minute delay before ssh authentication (publickey or password) when logging in from some but not all locations. I have determined that this is a firewall related issue. When logging in from windows xp via cygwin+ssh on a certain computer I get the 2 minute delay if either the windows firewall is enabled or if the computer is not placed in the router's dmz. On another computer that is connected to the net via verizon dsl I can't connect w/o the delay even if I'm directly connected to the router and the windows firewall is disabled. Also, if the server runs sshd without xinetd there is never a delay (I need to use xinetd for security purposes).

It seems that there is a handshake that takes place in xinetd or sshd which must time out if certain ports on the client side aren't open. sshd is being launched with the -i flag appropriately. I have looked at the sshd code and can't find a handshake specific to the -i flag, so I think that the problem lies with xinetd.

The question is: what port or ports do I need to enable on the client side? I don't know much about networking so any advice at all is greatly appreciated.

Thanks,
Shawn Lewis