[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: delay after ssh'ing into a server



Bill Tangren wrote:
Stephen Carville wrote:
Bill Tangren wrote:
Mahesh Pokala wrote:
Check /etc/resolv.conf  for valid dns entries
Check /etc/nsswitch.conf  for valid entries.


I don't see anything unusual in them, and I haven't changed them. Also, they are the same as the same files on the other servers, and those servers don't have this problem. I've tried this from several different servers. I've also asked others to try, and they have the same problem.

try ssh -vv user wherever to see where the hang is happening.

[root eunomia ~]# ssh -vv bjt aa
OpenSSH_3.9p1, OpenSSL 0.9.7a Feb 19 2003
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Applying options for *
debug2: ssh_connect: needpriv 0
debug1: Connecting to aa [10.1.5.93] port 22.
debug1: Connection established.
debug1: permanently_set_uid: 0/0
debug1: identity file /root/.ssh/identity type -1
debug1: identity file /root/.ssh/id_rsa type -1
debug1: identity file /root/.ssh/id_dsa type -1

Then the 30 second pause... then

Still looks like name resolution problem. Just for S&G try putting yoru machine and IP address in /etc/hosts and make sure yout host line in nsswitch.conf includes files. AKA:

hosts:	files dns

debug1: Remote protocol version 2.0, remote software version OpenSSH_3.9p1
debug1: match: OpenSSH_3.9p1 pat OpenSSH*
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_3.9p1
debug2: fd 3 setting O_NONBLOCK
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received

and a lot of other stuff.


On the server try dig -x client.IP.add.ress to be sure reverse DNS works.

[root aa ~]# dig -x eunomia.usno.navy.mil

; <<>> DiG 9.2.4 <<>> -x eunomia.usno.navy.mil
;; global options:  printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 51067
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:
;mil.navy.usno.eunomia.in-addr.arpa. IN PTR

;; Query time: 19 msec
;; SERVER: 10.1.1.5#53(10.1.1.5)
;; WHEN: Thu Oct  5 16:01:57 2006
;; MSG SIZE  rcvd: 52

It seems to work just fine. I'm at a loss.

dig -x means IP address -> name mapping. Try it with your IP address not your machine name.

Try setting UseDNS to No to disable lookups



Mahesh

-----Original Message-----
From: redhat-list-bounces redhat com [mailto:redhat-list-bounces redhat com] On Behalf Of Bill Tangren
Sent: Thursday, October 05, 2006 1:29 PM
To: General Red Hat Linux discussion list
Subject: delay after ssh'ing into a server

I am having an odd problem with one of my RHEL servers. When I issue the command to ssh into it:

$ ssh aa

there is a 30 second delay before I get the password prompt. I tried deleting the appropriate line in ~/.ssh/known-hosts and trying it again, but I still got a 30 second delay before I got this message:

The authenticity of host 'aa (10.1.5.93)' can't be established.
RSA key fingerprint is <a:long:hex:number>.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added 'aa,10.1.5.93' (RSA) to the list of known hosts.

This is what the log looks like during this time:

Oct 5 14:52:30 aa xinetd[3098]: START: ssh pid=23524 from=10.1.5.58 Oct 5 18:53:12 aa sshd[23567]: Accepted password for bjt from 10.1.5.58 port
32818 ssh2
Oct 5 14:53:12 aa sshd[23524]: Accepted password for bjt from 10.1.5.58 port
32818 ssh2

Notice the 42 second time delay. The first line appeared in the log just after I send the "ssh aa" command.

I must have done something to make the system delay after receiving the connection request, but I can't imagine what. Googling turned up nothing for me.

Any ideas?

Bill Tangren

--
redhat-list mailing list
unsubscribe mailto:redhat-list-request redhat com?subject=unsubscribe
https://www.redhat.com/mailman/listinfo/redhat-list








--
Stephen Carville <stephen totalflood com>
Unix and Network Admin
Nationwide Totalflood
6033 W. Century Blvd
Los Angeles, CA 90045
310-342-3602



[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]