Linux - SecurityThis forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
When ever i try to SSH into my netserver it seems to be extremely slow in logging in...I'll type in the IP address, then it'll take about 4 seconds to show the 'login as: ' screen, then once ive typed in the username and hit enter it takes 10 seconds to show the 'fallenb@192.168.0.1's password: '
When i enter the password and hit enter it goes instantly and any commands i enter from then on goes instantly...but while just connecting to the machine and entering the username is heaps slow...any idea's?
I hadn't, no. But i checked them out just then and added the ip and hostname of my machine into the /etc/hosts file, and it has sped it up...but its still a tad slow actually connecting to the box, before it displays the 'login as: '...thats not too worrying as its not that slow, but it should be faster seeings as its on a LAN...
Also, how can i fix this for all other hosts? as in, if people connect from the outside world into it...its not as though i can add all those IP's in manually...
Ok, maybe let's go back to the start. Was this problem always there or has it happened overnight|over an upgrade|change in running daemons(.*config)|firewall rules|sshd_config|whatever else? If it happened after something got changed (preferably you knowing about it, LOL), can you retrace your steps? If it didn't, does this slowness happen in all public accessable services (.*requiring.login)?
how do you mean "slowness happen in all public accessable services "....as in, a HTTP service provided by the server...na, that works fine, no delays there..
There was a problem on at least suse with openssh 3.4 and kerberos that caused it to be horrendously slow.
Upgrading to openssh 3.5 fixed it for me, compiled myself without kerberos support (probably unnecessary I know) and its nice and zippy.
Damn, this taking way too long. I think there are 2 basic paths to follow, depending on where you think the problem may be.
If you choose sshd, then try running sshd in debug mode (sshd -d -d -d), login using ssh w verbose logging (ssh -v -v -v) and try to correlate around which part(s) it stalls. Also check if you didn't have any Rhosts(like) auth set on in ssh/sshd config.
OTOH most problems with slowness are due to DNS AFAIK (read), which means you should start checking from the bottom up (on the server and the client) with configs like /etc/resolv.conf, /etc/ns* /etc/host*, /etc/ssh/*, then on to firewall and router.
But I think you are less likely to find "something" there as you already indicated no other traffic was slow...
Anyway, whichever path you choose I think it would be wise to add your ssh(d) configs to your next post.
Without the output from "ssh -v" it is hard to diagnose this problem. There is a lot of communication back and forth between client and host as a connection is negotiated. Hopefully I am not too ponderous here, but this communication is of course affected by the config files. In other words, that information can help as well.
Given this, with my setup and the hosts I log into, using "ssh -4 <host>" speeds up the negotiation process as it "Forces ssh to use IPv4 addresses only" . Perhaps a -2 option might help as well to force the use of protocol 2 only (since many hosts now refuse protocol 1).
Hello, Our ssh connection from windows xp to Red Hat 9.0 was fine and then one day it got really slow. I even ssh from the linux box itself and it still takes about 30 seconds before the prompt to login appears. Have you seen this?
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.