LinuxQuestions.org - SSH : Takes a long time to login to a remote server

- Linux - Networking (https://www.linuxquestions.org/questions/linux-networking-3/)

- - SSH : Takes a long time to login to a remote server (https://www.linuxquestions.org/questions/linux-networking-3/ssh-takes-a-long-time-to-login-to-a-remote-server-393463/)

SSH : Takes a long time to login to a remote server

I am using SSH to login from one Linux 7.3 machine to a Linux Enterprise machine.

The problem is when I type "ssh user1@10.10.1.10", the password appears immediately but after I enter the password it takes about 10 seconds to login completely.

I have tried logging in with ftp and everything happens within a second - no problem.

Can anyone tell me what's wrong?

Do I need to check the client or the server config files?

Should I show the sshd_config file in the server? resolv.conf file in the server? hosts file? I read somewhere that this has something to do with the DNS.

Please help. Let me know what I need to provide.

That 10 second delay is probably down to negotiation - where the client and server agree on a common encryption method, exchange keys and agree a session key. These actions need random numbers from the kernel, and it all takes time. I believe that OpenSSH also includes a fake delay to prevent dictionary attacks on passwords so "accept" and "refuse" take about the same amount of time.

My connections take about that time - Windows running PuTTY to FC4 running OpenSSH, SSHv2 using public keys.

WinSCP3 (sftp) takes about the same time to connect and authenticate.

i am also having this problem. 10 or 20sec delay. other computers on the same lan almost instantaneous. this also happens when i try to connect to the mysql db server on that machine. this is not normal. i am starting to wonder if it my network card is going bad or maybe my router/switch is going bad.

edit:
problem fixed by adding the client machine's ip to /etc/hosts on the server machine. not sure why it worked fine prior adding this entry weeks ago. now there is no delay betwn entering my uid and getting the password request from ssh.

I occassionaly experience this issue, usually down to network load and connections to the server. I would guess the same as the other posts, negotiation of encryption etc.

Hi,

Take a look at the UseDNS [yes|no] in the sshd_config file. If it is set to Yes there is a good chance that a delay will/can occur.
Take a look here: OpenSSH FAQ especially chapter 3.3. It also points to some other possible delay causes.

@abeltagui: You decided to dig up a 3+ year old thread to give that bit of non-specific advice? ;)

Quote:

Originally Posted by hank43 (Post 2004074)

Thanks! Fixed the slow login problem I was experiencing! :)

Most appropriate method to know the problem is to connect using ssh in debug mode

# ssh -v <Server name>

OpenSSH_5.8p1 Debian-1ubuntu3, OpenSSL 0.9.8o 01 Jun 2010
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Applying options for *
debug1: Connecting to mysql [192.168.0.29] port 22.
debug1: Connection established.
debug1: permanently_set_uid: 0/0
debug1: identity file /root/.ssh/id_rsa type -1
debug1: identity file /root/.ssh/id_rsa-cert type -1
debug1: identity file /root/.ssh/id_dsa type -1
debug1: identity file /root/.ssh/id_dsa-cert type -1
debug1: identity file /root/.ssh/id_ecdsa type -1
debug1: identity file /root/.ssh/id_ecdsa-cert type -1
debug1: Remote protocol version 2.0, remote software version OpenSSH_5.3
debug1: match: OpenSSH_5.3 pat OpenSSH*
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_5.8p1 Debian-1ubuntu3
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: server->client aes128-ctr hmac-md5 none
debug1: kex: client->server aes128-ctr hmac-md5 none
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<1024<8192) sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY
debug1: Server host key: RSA 1a:2c:c4:62:cc:27:1b:76:6b:f7:b2:38:00:7b:3f:63
debug1: Host 'mysql' is known and matches the RSA host key.
debug1: Found key in /root/.ssh/known_hosts:5
debug1: ssh_rsa_verify: signature correct
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: Roaming not allowed by server
debug1: SSH2_MSG_SERVICE_REQUEST sent
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: publickey,gssapi-keyex,gssapi-with-mic,password
debug1: Next authentication method: gssapi-keyex
debug1: No valid Key exchange context
debug1: Next authentication method: gssapi-with-mic
debug1: Unspecified GSS failure. Minor code may provide more information
Credentials cache file '/tmp/krb5cc_0' not found

debug1: Unspecified GSS failure. Minor code may provide more information
Credentials cache file '/tmp/krb5cc_0' not found

Line mark in red was causing the delay in my case. I commented out following line on the destination server and it resolved the issue in my case

Code:

# GSSAPI options

#GSSAPIAuthentication no

#GSSAPIAuthentication yes

#GSSAPICleanupCredentials yes

#GSSAPICleanupCredentials yes

#GSSAPIStrictAcceptorCheck yes

#GSSAPIKeyExchange no

restart the SSH daemon on the remote server and try to reconnect... voila .. it s fine!.