ssh communication issue

-Hopefully this is the right list-
Our ssh connections work fine on all our servers when we connect via the -local- network.
But, when we ssh from the -internet-, there are long pauses where i/o is not displayed/echoed to the screen on our Debian servers.
We experience 10 to 30 second pauses after a screen or 2 of display on Debian Etch kernel 2.6.12, SSH-2.0-OpenSSH_4.2p1 Debian-5.
We have same issue, with slightly shorter pauses, on a Debian Sarge kernel 2.4.18, OpenSSH_3.4p1 Debian 1:3.4p1-1.woody.3.
We do not experience the problem on a SCO OS5 3.2v5.0.5 kernel, OpenSSH_2.2.0p1
Also, if we ssh to SCO first, then locally ssh to Debian, the pauses do not occur...
So it definitely has nothing to do with the network or infrastructure or the load on any server, etc.
It is something to do with either Debian or OpenSSH and only is triggered when the IP source IP is outside the LAN.
Does anyone know what might me contributing to the screen IO issue?
Cheers,
Larry

Relevant Pages

  • Re: ssh communication issue
    ... But, when we ssh from the internet, there are long pauses where i/o is not displayed/echoed to the screen on our Debian servers. ... Are you coming from machines that don't have proper reverse DNS entries on the new Debian machines, whereas the old SCO machine has a proper reverse DNS entry?) ...
    (Debian-User)
  • Re: ssh communication issue
    ... But, when we ssh from the internet, there are long pauses where i/o is not displayed/echoed to the screen on our Debian servers. ... (During the connection process, SSH looks up your remote machine's name via reverse DNS lookups. ...
    (Debian-User)
  • Re: ssh communication issue
    ... > the -local- network. ... > not displayed/echoed to the screen on our Debian servers. ... > Also, if we ssh to SCO first, then locally ssh to Debian, the pauses do not ...
    (SSH)
  • Analysis of SSH crc32 compensation attack detector exploit
    ... Analysis of SSH crc32 compensation attack detector exploit ... detector vulnerability to remotely compromise a Red Hat Linux ... Active Internet connections (servers and established) ...
    (Incidents)
  • Re: Agent Forwarding Question for the list
    ... I provided a suggestion (invoking ssh with -vvv) as to how to further troubleshoot the problem. ... I was determined to ask the experts in case it was a common mistake or something that simply is not possible under openssh. ... Say in the ideal setup for development servers I'd have a cronuser, scriptuser, monitoruser, cvsuser, and root all configured with my public key and that I could jump in and out of each not only from my own Linux Desktop, but through each user to each user on other servers in the development chain. ... After reading all the documentation and FAQs I could find, I had assumed ssh-agent on the desktop and agent forwarding on the servers would be sufficient, but something is blocking the forwarding, or I'm way off and this isn't how it's meant to work. ...
    (SSH)