LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Linux - Server (https://www.linuxquestions.org/questions/linux-server-73/)
-   -   Slow SSH Login (https://www.linuxquestions.org/questions/linux-server-73/slow-ssh-login-920073/)

Tyler_H72 12-22-2011 01:06 PM
Slow SSH Login
 
My SSH login is fairly slow on one of my servers (~60s). I have seen the threads recommending turning off DNS lookups, which I did some time ago, but it hasn't made a difference. I have run SSH with the verbose flag, and the output shows that the authentication and such is all working quickly, but after it displays the MOTD, it just hangs there. There is no further output from the SSH command for up to 60s, then it finally gives me a prompt. Any ideas what could be causing this? There is no mention in this output of GSSAPI authentication either, which is pretty much the only other lead I've found from googling the issue. Let me know if you need further information.

acid_kewpie 12-22-2011 01:31 PM
run the server in verbose non-daemon mode and look then. You'll seldom get anything useful back from the server, as that in itself could form a security breach.

Tyler_H72 12-22-2011 01:53 PM
How do I go about running it that way? I've never used an SSH server in non-daemon mode.

anomie 12-22-2011 03:17 PM
Just want to make sure I'm understanding this:
  1. ssh handshake is quick;
  2. password prompt appears quickly;
  3. after entering the password, it takes ~60 seconds for the shell prompt to appear

That correct? And what OS / version?

Tyler_H72 12-22-2011 03:59 PM
That's correct, and it's OpenSuSE 10.3. Probably ought to upgrade it at some point, but I have other servers that are more important right now.

anomie 12-22-2011 04:21 PM
Not sure where Opensuse logs its syslogd(8) AUTH facility messages. That would be the first thing to figure out. (Perhaps by checking /etc/syslog.conf, assuming Opensuse even uses that!) It would be a good idea to at least check out sshd's chatter in the logs. On RHEL systems, that would be /var/log/secure. And on Debian systems, it's /var/log/auth.log.

As for testing acid_kewpie's suggestion, you can run sshd(8) in non-daemon mode with the -D option. See its manpages for more options and their meanings. You're probably going to want physical console (or ILOM, DRAC, whatever) access to the server while doing this testing.

Tyler_H72 12-22-2011 04:34 PM
I just checked the main logs on the server (/var/log/messages) and I found one line that might be related: "sshd[25971]: subsystem request for sftp". Not sure if that is relevant or not, but thought it was worth a shot. The other log files mentioned are non-existent on this system.


All times are GMT -5. The time now is 04:49 PM.