ssh twice as fast on second try with sssd configuration
Linux - ServerThis forum is for the discussion of Linux Software used in a server related context.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
ssh twice as fast on second try with sssd configuration
ssh twice as fast on second try with sssd configuration (1st = 0m0.425s vs, 2nd = 0m0.199s)
I have about 15 servers I am trying to configure the optimal sssd configuration on. I am almost there but I cant figure out why after a period of time of not touching the boxes ssh is slow and then on the second attempt right after its twice as fast... Then if I wait 5 or 10 mins its twice as slow again... I am suspecting caching but I configured everything to the best of my knowledge and I have researched a lot and cannot find any better configs.
OS = RHEL 7.x
here is my sssd.conf....
1 - any ideas on how to make the first ssh attempt always as fast as the second? Id like it always to be as fast as local auth.
2 - any expert comments on potential problems with my configuration
3 - any further performance enhancements I can add?
What I think is happening is after the 5 mins it needs to re-cache? But I thought I told it to refresh its cached entries at 5 minutes? My config also says to only hold the cached entries for 4 days right? Shouldn't it only be slow again if I login again after 4 days?
[nss]
filter_groups = root
#Enter all the FIDs here for the specific environment "filter_users = "
filter_users = root
reconnection_retries = 3
entry_cache_nowait_percentage = 75
#debug_level=9
# ignore_group_members makes getgr* omit the members field
# this vastly improves performance for things like id and sudo
# but it may need to be disabled if any of your applications
# expect to be able to read group memberships.
ignore_group_members = true
i experience the same on my box, and i don't think there's anything to do about it.
on my server it actually got worse after encrypting the drive.
first connection takes a long time, after that it's near-instant.
i think it has something to do with buffers...
the only solution i could think of would be to make it always as slow as the first time. consistency.
It rather sounds to me like the process is simply being "swapped out" on a busy machine. When it becomes active again, the OS must swap it back in again, and that takes time. Next time around, the process hasn't been swapped back out yet.
Perhaps this behavior actually has nothing at all to do with the configuration parameters that you're so busily tweaking!
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.