Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here. |
Notices |
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
Are you new to LinuxQuestions.org? Visit the following links:
Site Howto |
Site FAQ |
Sitemap |
Register Now
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
|
 |
|
02-14-2003, 01:24 AM
|
#1
|
Member
Registered: Apr 2002
Distribution: Gentoo 2006.0 AMD64
Posts: 399
Rep:
|
Slow SSH...
When ever i try to SSH into my netserver it seems to be extremely slow in logging in...I'll type in the IP address, then it'll take about 4 seconds to show the 'login as: ' screen, then once ive typed in the username and hit enter it takes 10 seconds to show the 'fallenb@192.168.0.1's password: '
When i enter the password and hit enter it goes instantly and any commands i enter from then on goes instantly...but while just connecting to the machine and entering the username is heaps slow...any idea's?
BTW, the machine is Debian...
|
|
|
02-14-2003, 04:38 AM
|
#2
|
Moderator
Registered: May 2001
Posts: 29,417
|
|
|
|
02-14-2003, 06:12 AM
|
#3
|
Member
Registered: Apr 2002
Distribution: Gentoo 2006.0 AMD64
Posts: 399
Original Poster
Rep:
|
I hadn't, no. But i checked them out just then and added the ip and hostname of my machine into the /etc/hosts file, and it has sped it up...but its still a tad slow actually connecting to the box, before it displays the 'login as: '...thats not too worrying as its not that slow, but it should be faster seeings as its on a LAN...
Also, how can i fix this for all other hosts? as in, if people connect from the outside world into it...its not as though i can add all those IP's in manually...
|
|
|
02-14-2003, 06:21 AM
|
#4
|
Moderator
Registered: May 2001
Posts: 29,417
|
Ok, maybe let's go back to the start. Was this problem always there or has it happened overnight|over an upgrade|change in running daemons(.*config)|firewall rules|sshd_config|whatever else? If it happened after something got changed (preferably you knowing about it, LOL), can you retrace your steps? If it didn't, does this slowness happen in all public accessable services (.*requiring.login)?
|
|
|
02-14-2003, 07:25 AM
|
#5
|
Member
Registered: Apr 2002
Distribution: Gentoo 2006.0 AMD64
Posts: 399
Original Poster
Rep:
|
na, its been happening from the start...
how do you mean "slowness happen in all public accessable services "....as in, a HTTP service provided by the server...na, that works fine, no delays there..
|
|
|
02-15-2003, 05:56 AM
|
#6
|
Moderator
Registered: May 2001
Posts: 29,417
|
Ok, then you'll have to see if you've got options in your sshd_config that makes sshd slower auth'ing the connection like reverse dns etc.
|
|
|
02-16-2003, 11:48 AM
|
#7
|
Member
Registered: Nov 2002
Distribution: A totally 133t distro :)
Posts: 358
Rep:
|
There was a problem on at least suse with openssh 3.4 and kerberos that caused it to be horrendously slow.
Upgrading to openssh 3.5 fixed it for me, compiled myself without kerberos support (probably unnecessary I know) and its nice and zippy.
|
|
|
02-17-2003, 11:59 PM
|
#8
|
Member
Registered: Apr 2002
Distribution: Gentoo 2006.0 AMD64
Posts: 399
Original Poster
Rep:
|
unSpawn, I don't know what I'm really looking for in this config file...
m0rl0ck, AFAIK It's the latest ver of SSH...it came on the latest copy of Debian..
|
|
|
02-18-2003, 12:41 PM
|
#9
|
Moderator
Registered: May 2001
Posts: 29,417
|
"grep /etc/ssh/sshd_config -ie reverse"
For those set to "yes" change to "no" and see if that speeds up things.
|
|
|
02-21-2003, 05:28 AM
|
#10
|
Member
Registered: Apr 2002
Distribution: Gentoo 2006.0 AMD64
Posts: 399
Original Poster
Rep:
|
my ssh_config didn't contain anything with reverse in it...
|
|
|
02-21-2003, 01:16 PM
|
#11
|
Moderator
Registered: May 2001
Posts: 29,417
|
Damn, this taking way too long. I think there are 2 basic paths to follow, depending on where you think the problem may be.
If you choose sshd, then try running sshd in debug mode (sshd -d -d -d), login using ssh w verbose logging (ssh -v -v -v) and try to correlate around which part(s) it stalls. Also check if you didn't have any Rhosts(like) auth set on in ssh/sshd config.
OTOH most problems with slowness are due to DNS AFAIK (read), which means you should start checking from the bottom up (on the server and the client) with configs like /etc/resolv.conf, /etc/ns* /etc/host*, /etc/ssh/*, then on to firewall and router.
But I think you are less likely to find "something" there as you already indicated no other traffic was slow...
Anyway, whichever path you choose I think it would be wise to add your ssh(d) configs to your next post.
|
|
|
02-24-2003, 05:32 AM
|
#12
|
Member
Registered: Apr 2002
Distribution: Gentoo 2006.0 AMD64
Posts: 399
Original Poster
Rep:
|
ok, in the mean time while i take a look at things heres my ssh config...
godammit! I can't copy and paste it in here....got any idea's on how i can get it in here...i can't CTRL+C to copy it...  btw, using mcedit and vi 
|
|
|
02-25-2003, 06:31 AM
|
#13
|
Moderator
Registered: May 2001
Posts: 29,417
|
Aw cummon, just select it with yer mouse... slackwh0re gpm/vi/links can't be *that* bad :-]
|
|
|
02-25-2003, 07:09 AM
|
#14
|
Member
Registered: Jan 2002
Location: Missoula. Montana, USA
Distribution: Slackware (various)
Posts: 464
Rep:
|
Without the output from "ssh -v" it is hard to diagnose this problem. There is a lot of communication back and forth between client and host as a connection is negotiated. Hopefully I am not too ponderous here, but this communication is of course affected by the config files. In other words, that information can help as well.
Given this, with my setup and the hosts I log into, using "ssh -4 <host>" speeds up the negotiation process as it "Forces ssh to use IPv4 addresses only" . Perhaps a -2 option might help as well to force the use of protocol 2 only (since many hosts now refuse protocol 1).
|
|
|
08-27-2003, 06:33 PM
|
#15
|
LQ Newbie
Registered: Jul 2003
Posts: 1
Rep:
|
Hello, Our ssh connection from windows xp to Red Hat 9.0 was fine and then one day it got really slow. I even ssh from the linux box itself and it still takes about 30 seconds before the prompt to login appears. Have you seen this?
|
|
|
All times are GMT -5. The time now is 01:39 PM.
|
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.
|
Latest Threads
LQ News
|
|