[Freeipa-users] slow ssh
KodaK
sakodak at gmail.com
Mon Sep 10 22:12:44 UTC 2012
On Mon, Sep 10, 2012 at 4:16 PM, Steven Jones <Steven.Jones at vuw.ac.nz> wrote:
> Hi,
>
> Not sure if this is an IPA issue but Im finding ssh takes long time to login. It looks like ssh is querying IPA for authentication mechanisms?...if so can I simply turn this off? and if so how?
"Slow" SSH is (in my experience, anyway) usually a DNS problem. Are
you using IPA for DNS, or external? Either way, is reverse DNS
working?
I had an issue recently with users complaining about slow logins, but
it turned out that bind on my primary IPA box died (I have no idea
how.) Since resolv.conf goes in order, it would hit the primary, time
out, then fail over to the other DNS servers. Once I restarted bind
everything was fine again. I'm still investigating what happened, but
there's only so much time in a day.
As for auth mechanisms -- those are defined in your sshd_config, but
why would you want to turn that off? That's the whole point of IPA.
I'm probably misunderstanding something, though. :)
--
The government is going to read our mail anyway, might as well make it
tough for them. GPG Public key ID: B6A1A7C6
More information about the Freeipa-users
mailing list