LinuxQuestions.org
Share your knowledge at the LQ Wiki.
Go Back   LinuxQuestions.org > Forums > Other *NIX Forums > *BSD
User Name
Password
*BSD This forum is for the discussion of all BSD variants.
FreeBSD, OpenBSD, NetBSD, etc.

Notices


Reply
  Search this Thread
Old 05-22-2005, 08:36 PM   #1
exodist
Senior Member
 
Registered: Aug 2003
Location: Portland, Oregon
Distribution: Arch
Posts: 1,374

Rep: Reputation: 47
ssh login takes several minutes


I recently installed freebsd on a spare box to try it out, I am very fluent in linux, but not bsd. Anyway I try to ssh into the freebsd box and it takes several minutes to login.

I ran sshd with the -ddd flag to get debug info, here is what I get:

I am sure it is not all usefull, I will insert comments (denoted by //) where the slowdown are

Code:
root@Thebes# sshd -ddd
debug2: read_server_config: filename /etc/ssh/sshd_config
debug1: sshd version OpenSSH_3.8.1p1 FreeBSD-20040419
debug3: Not a RSA1 key file /etc/ssh/ssh_host_dsa_key.
debug1: read PEM private key done: type DSA
debug1: private host key: #0 type 2 DSA
debug1: Bind to port 22 on 192.168.0.4.
Server listening on 192.168.0.4 port 22.
debug1: Server will not fork when running in debugging mode.
debug1: res_init()
Connection from 192.168.0.2 port 57958
debug1: Client protocol version 2.0; client software version OpenSSH_3.9p1
debug1: match: OpenSSH_3.9p1 pat OpenSSH*
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_3.8.1p1 FreeBSD-20040419
debug2: Network child is on pid 592
debug3: preauth child monitor started
debug3: mm_request_receive entering
debug3: privsep user:group 22:22
debug1: permanently_set_uid: 22/22
debug1: list_hostkey_types: ssh-dss
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug2: kex_parse_kexinit: diffie-hellman-group-exchange-sha1,diffie-hellman-group1-sha1
debug2: kex_parse_kexinit: ssh-dss
debug2: kex_parse_kexinit: aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour,aes192-cbc,aes256-cbc,rijndael-cbc@lysator.liu.se,aes128-ctr,aes192-ctr,aes256-ctr
debug2: kex_parse_kexinit: aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour,aes192-cbc,aes256-cbc,rijndael-cbc@lysator.liu.se,aes128-ctr,aes192-ctr,aes256-ctr
debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96
debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96debug2: kex_parse_kexinit: none,zlib
debug2: kex_parse_kexinit: none,zlib
debug2: kex_parse_kexinit: 
debug2: kex_parse_kexinit: 
debug2: kex_parse_kexinit: first_kex_follows 0 
debug2: kex_parse_kexinit: reserved 0 
debug2: kex_parse_kexinit: diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1
debug2: kex_parse_kexinit: ssh-rsa,ssh-dss
debug2: kex_parse_kexinit: aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour,aes192-cbc,aes256-cbc,rijndael-cbc@lysator.liu.se,aes128-ctr,aes192-ctr,aes256-ctr
debug2: kex_parse_kexinit: aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour,aes192-cbc,aes256-cbc,rijndael-cbc@lysator.liu.se,aes128-ctr,aes192-ctr,aes256-ctr
debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96
debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96
debug2: kex_parse_kexinit: none,zlib
debug2: kex_parse_kexinit: none,zlib
debug2: kex_parse_kexinit: 
debug2: kex_parse_kexinit: 
debug2: kex_parse_kexinit: first_kex_follows 0 
debug2: kex_parse_kexinit: reserved 0 
debug2: mac_init: found hmac-md5
debug1: kex: client->server aes128-cbc hmac-md5 none
debug2: mac_init: found hmac-md5
debug1: kex: server->client aes128-cbc hmac-md5 none
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST received
debug3: mm_request_send entering: type 0
debug3: monitor_read: checking request 0
debug3: mm_answer_moduli: got parameters: 1024 1024 8192
debug3: mm_choose_dh: waiting for MONITOR_ANS_MODULI
debug3: mm_request_receive_expect entering: type 1
debug3: mm_request_receive entering
debug3: mm_request_send entering: type 1
debug3: mm_choose_dh: remaining 0
debug1: SSH2_MSG_KEX_DH_GEX_GROUP sent
debug2: monitor_read: 0 used once, disabling now
debug3: mm_request_receive entering
debug2: dh_gen_key: priv key bits set: 129/256
debug2: bits set: 539/1024
debug1: expecting SSH2_MSG_KEX_DH_GEX_INIT
debug2: bits set: 506/1024
debug3: mm_key_sign entering
debug3: mm_request_send entering: type 4
debug3: monitor_read: checking request 4
debug3: mm_answer_sign
debug3: mm_key_sign: waiting for MONITOR_ANS_SIGN
debug3: mm_request_receive_expect entering: type 5
debug3: mm_request_receive entering
debug3: mm_answer_sign: signature 0x8076340(55)
debug3: mm_request_send entering: type 5
debug1: SSH2_MSG_KEX_DH_GEX_REPLY sent
debug2: kex_derive_keys
debug2: set_newkeys: mode 1
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug2: monitor_read: 4 used once, disabling now
debug3: mm_request_receive entering
debug2: set_newkeys: mode 0
debug1: SSH2_MSG_NEWKEYS received
debug1: KEX done
//------------------------------------------------This is where it stalls the longest-----------------------------//
debug3: Trying to reverse map address 192.168.0.2.
//-----------------//
debug1: userauth-request for user exodist service ssh-connection method none
debug1: attempt 0 failures 0
debug3: mm_getpwnamallow entering
debug3: mm_request_send entering: type 6
debug3: monitor_read: checking request 6
debug3: mm_answer_pwnamallowdebug3: mm_answer_pwnamallow: sending MONITOR_ANS_PWNAM: 1
debug3: mm_request_send entering: type 7
debug2: monitor_read: 6 used once, disabling now
debug3: mm_request_receive entering
debug3: mm_getpwnamallow: waiting for MONITOR_ANS_PWNAM
debug3: mm_request_receive_expect entering: type 7
debug3: mm_request_receive entering
debug2: input_userauth_request: setting up authctxt for exodist
debug3: mm_inform_authserv entering
debug3: mm_request_send entering: type 3
debug3: monitor_read: checking request 3
debug3: mm_answer_authserv: service=ssh-connection, style=
debug2: monitor_read: 3 used once, disabling now
debug3: mm_request_receive entering
debug2: input_userauth_request: try method none
Failed none for exodist from 192.168.0.2 port 57958 ssh2
debug1: userauth-request for user exodist service ssh-connection method publickey
debug1: attempt 1 failures 1
debug2: input_userauth_request: try method publickey
debug1: test whether pkalg/pkblob are acceptable
debug3: mm_key_allowed entering
debug3: mm_request_send entering: type 20
debug3: monitor_read: checking request 20
debug3: mm_answer_keyallowed entering
debug3: mm_answer_keyallowed: key_from_blob: 0x80779e0
debug1: trying public key file /home/exodist/.ssh/authorized_keys
debug1: matching key found: file /home/exodist/.ssh/authorized_keys, line 1
Found matching RSA key: 2f:2e:01:22:8d:30:21:63:2e:68:fa:8f:80:df:0b:d8
debug3: mm_answer_keyallowed: key 0x80779e0 is allowed
debug3: mm_request_send entering: type 21
debug3: mm_request_receive entering
debug3: mm_key_allowed: waiting for MONITOR_ANS_KEYALLOWED
debug3: mm_request_receive_expect entering: type 21
debug3: mm_request_receive entering
debug2: userauth_pubkey: authenticated 0 pkalg ssh-rsa
Postponed publickey for exodist from 192.168.0.2 port 57958 ssh2
debug1: userauth-request for user exodist service ssh-connection method publickey
debug1: attempt 2 failures 1
debug2: input_userauth_request: try method publickey
debug3: mm_key_allowed entering
debug3: mm_request_send entering: type 20
debug3: monitor_read: checking request 20
debug3: mm_answer_keyallowed entering
debug3: mm_answer_keyallowed: key_from_blob: 0x8077a40
debug1: trying public key file /home/exodist/.ssh/authorized_keys
debug1: matching key found: file /home/exodist/.ssh/authorized_keys, line 1
Found matching RSA key: 2f:2e:01:22:8d:30:21:63:2e:68:fa:8f:80:df:0b:d8
debug3: mm_answer_keyallowed: key 0x8077a40 is allowed
debug3: mm_request_send entering: type 21
debug3: mm_request_receive entering
debug3: mm_key_allowed: waiting for MONITOR_ANS_KEYALLOWED
debug3: mm_request_receive_expect entering: type 21
debug3: mm_request_receive entering
debug3: mm_key_verify entering
debug3: mm_request_send entering: type 22
debug3: monitor_read: checking request 22
debug1: ssh_rsa_verify: signature correct
debug3: mm_answer_keyverify: key 0x80779c0 signature verified
debug3: mm_request_send entering: type 23
Accepted publickey for exodist from 192.168.0.2 port 57958 ssh2
debug1: monitor_child_preauth: exodist has been authenticated by privileged process
debug3: mm_get_keystate: Waiting for new keys
debug3: mm_request_receive_expect entering: type 24
debug3: mm_request_receive entering
debug3: mm_key_verify: waiting for MONITOR_ANS_KEYVERIFY
debug3: mm_request_receive_expect entering: type 23
debug3: mm_request_receive entering
debug2: userauth_pubkey: authenticated 1 pkalg ssh-rsaAccepted publickey for exodist from 192.168.0.2 port 57958 ssh2
debug3: mm_send_keystate: Sending new keys: 0x8076440 0x8076400
debug3: mm_newkeys_to_blob: converting 0x8076440
debug3: mm_newkeys_to_blob: converting 0x8076400
debug3: mm_send_keystate: New keys have been sent
debug3: mm_send_keystate: Sending compression state
debug3: mm_request_send entering: type 24
debug3: mm_newkeys_from_blob: 0x8075380(118)
debug2: mac_init: found hmac-md5
debug3: mm_get_keystate: Waiting for second key
debug3: mm_newkeys_from_blob: 0x8075380(118)
debug2: mac_init: found hmac-md5
debug3: mm_get_keystate: Getting compression state
debug3: mm_get_keystate: Getting Network I/O buffers
debug3: mm_share_sync: Share sync
debug3: mm_share_sync: Share sync end
debug3: mm_send_keystate: Finished sending state
debug2: set_newkeys: mode 0
debug2: set_newkeys: mode 1
debug1: Entering interactive session for SSH2.
debug2: fd 3 setting O_NONBLOCK
debug2: fd 7 setting O_NONBLOCK
debug1: server_init_dispatch_20
debug1: server_input_channel_open: ctype session rchan 0 win 65536 max 16384
debug1: input_session_request
debug1: channel 0: new [server-session]
debug1: session_new: init
debug1: session_new: session 0
debug1: session_open: channel 0
debug1: session_open: session 0: link with channel 0
debug1: server_input_channel_open: confirm session
debug1: server_input_channel_req: channel 0 request pty-req reply 0
debug1: session_by_channel: session 0 channel 0
debug1: session_input_channel_req: session 0 req pty-req
debug1: Allocating pty.
debug1: session_pty_req: session 0 alloc /dev/ttyp2
debug3: tty_parse_modes: SSH2 n_bytes 256
debug3: tty_parse_modes: ospeed 38400
debug3: tty_parse_modes: ispeed 38400
debug3: tty_parse_modes: 1 3
debug3: tty_parse_modes: 2 28
debug3: tty_parse_modes: 3 127
debug3: tty_parse_modes: 4 21
debug3: tty_parse_modes: 5 4
debug3: tty_parse_modes: 6 0
debug3: tty_parse_modes: 7 0
debug3: tty_parse_modes: 8 17
debug3: tty_parse_modes: 9 19
debug3: tty_parse_modes: 10 26
debug3: tty_parse_modes: 12 18
debug3: tty_parse_modes: 13 23
debug3: tty_parse_modes: 14 22
debug3: tty_parse_modes: 18 15
debug3: tty_parse_modes: 30 1
debug3: tty_parse_modes: 31 0
debug3: tty_parse_modes: 32 0
debug3: tty_parse_modes: 33 0
debug3: tty_parse_modes: 34 0
debug3: tty_parse_modes: 35 0
debug3: tty_parse_modes: 36 1
debug1: Ignoring unsupported tty mode opcode 37 (0x25)
debug3: tty_parse_modes: 38 1
debug3: tty_parse_modes: 39 0
debug3: tty_parse_modes: 40 0
debug3: tty_parse_modes: 41 1
debug3: tty_parse_modes: 50 1
debug3: tty_parse_modes: 51 1
debug1: Ignoring unsupported tty mode opcode 52 (0x34)
debug3: tty_parse_modes: 53 1
debug3: tty_parse_modes: 54 1
debug3: tty_parse_modes: 55 1debug3: tty_parse_modes: 56 0
debug3: tty_parse_modes: 57 0
debug3: tty_parse_modes: 58 0
debug3: tty_parse_modes: 59 1
debug3: tty_parse_modes: 60 1
debug3: tty_parse_modes: 61 1
debug3: tty_parse_modes: 62 0
debug3: tty_parse_modes: 70 1
debug1: Ignoring unsupported tty mode opcode 71 (0x47)
debug3: tty_parse_modes: 72 1
debug3: tty_parse_modes: 73 0
debug3: tty_parse_modes: 74 0
debug3: tty_parse_modes: 75 0
debug3: tty_parse_modes: 90 1
debug3: tty_parse_modes: 91 1
debug3: tty_parse_modes: 92 0
debug3: tty_parse_modes: 93 0
debug1: server_input_channel_req: channel 0 request shell reply 0
debug1: session_by_channel: session 0 channel 0
debug1: session_input_channel_req: session 0 req shell
debug2: fd 4 setting TCP_NODELAY
debug2: channel 0: rfd 9 isatty
debug2: fd 9 setting O_NONBLOCK
debug2: fd 8 is O_NONBLOCK
//-------------------------------------------------this next one also takes a while, then I am logged in without further output------------------------------
debug1: Setting controlling tty using TIOCSCTTY.
 
Old 05-22-2005, 09:52 PM   #2
jschiwal
LQ Guru
 
Registered: Aug 2001
Location: Fargo, ND
Distribution: SuSE AMD64
Posts: 15,733

Rep: Reputation: 682Reputation: 682Reputation: 682Reputation: 682Reputation: 682Reputation: 682
According to a user on this site: http://forums.macosxhints.com/showth...threadid=39026

You need to turn off ipV6 networking support if you aren't using it.
 
Old 05-22-2005, 10:05 PM   #3
exodist
Senior Member
 
Registered: Aug 2003
Location: Portland, Oregon
Distribution: Arch
Posts: 1,374

Original Poster
Rep: Reputation: 47
I went into sysinstall, under options ipv6 is set to "no"
 
Old 05-22-2005, 10:09 PM   #4
exodist
Senior Member
 
Registered: Aug 2003
Location: Portland, Oregon
Distribution: Arch
Posts: 1,374

Original Poster
Rep: Reputation: 47
correction: it was already set to no, doesn't work
 
Old 05-22-2005, 10:44 PM   #5
freegianghu
Member
 
Registered: Oct 2004
Location: somewhere in the street
Distribution: Window$
Posts: 192

Rep: Reputation: 30
Quote:
Originally posted by exodist
correction: it was already set to no, doesn't work
Try add an entry to /etc/hosts, I guess (some thing like: 192.168.0.2 server)
 
Old 05-22-2005, 10:54 PM   #6
exodist
Senior Member
 
Registered: Aug 2003
Location: Portland, Oregon
Distribution: Arch
Posts: 1,374

Original Poster
Rep: Reputation: 47
added the machine to hosts, no effect, still slowtakes about 3-4 minutes

system/connection details:
gigabit connection through gigabit switch, about 10ft of cable between the systems

bsd box:
fresh install (freebsd newb)
pentium4 2.2 512mb ram, 15gb hd

linux box (gentoo stage1 amd64):
athlon64 3500 1gb ram 80gb hd
 
Old 05-23-2005, 04:29 AM   #7
freegianghu
Member
 
Registered: Oct 2004
Location: somewhere in the street
Distribution: Window$
Posts: 192

Rep: Reputation: 30
Quote:
Originally posted by exodist
added the machine to hosts, no effect, still slowtakes about 3-4 minutes

system/connection details:
gigabit connection through gigabit switch, about 10ft of cable between the systems

bsd box:
fresh install (freebsd newb)
pentium4 2.2 512mb ram, 15gb hd

linux box (gentoo stage1 amd64):
athlon64 3500 1gb ram 80gb hd
Take a look at thread

Hope it helps!
 
Old 05-23-2005, 08:51 AM   #8
exodist
Senior Member
 
Registered: Aug 2003
Location: Portland, Oregon
Distribution: Arch
Posts: 1,374

Original Poster
Rep: Reputation: 47
UsePrivilegeSeparation was the key, turned it off and it sped right up, the explinations given were kinda vague though. I have no idea what UsePrivilegeSeparation does.
 
Old 05-25-2005, 09:10 AM   #9
capnpayne
Member
 
Registered: Nov 2004
Location: Florida
Distribution: Slack 10.1
Posts: 56

Rep: Reputation: 15
Something similar happened to me, but the problem turned out to be a reverse lookup issue.
 
Old 05-25-2005, 10:16 AM   #10
freegianghu
Member
 
Registered: Oct 2004
Location: somewhere in the street
Distribution: Window$
Posts: 192

Rep: Reputation: 30
Quote:
Originally posted by capnpayne
Something similar happened to me, but the problem turned out to be a reverse lookup issue.
Try comment out all nameserver x.x.x. lines in resolv.conf.
 
Old 05-26-2005, 03:17 PM   #11
capnpayne
Member
 
Registered: Nov 2004
Location: Florida
Distribution: Slack 10.1
Posts: 56

Rep: Reputation: 15
Thanks... It's been fixed for a while, but I did it a different way (one that I can't remember - it's a server a bunch of friends and I use, so it's constantly undergoing small changes). I'll track it down.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
SSH takes a long time (2 minutes) to connect jinju Linux - Newbie 5 07-31-2004 10:37 PM
sendmail takes minutes to start dirken Linux - Newbie 4 07-09-2004 05:09 PM
X login is slow, takes 2 minutes jhcatch22 Linux - Newbie 3 07-08-2004 12:33 AM
xfree takes minutes to start snu Linux - Software 0 07-13-2003 09:26 AM
Sendmail takes 5 minutes to start glock19 Linux - General 9 02-01-2002 12:33 PM

LinuxQuestions.org > Forums > Other *NIX Forums > *BSD

All times are GMT -5. The time now is 03:32 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration