lots of "Postponed publickey for oracle from <IP>"
- From: Russell Fulton <r.fulton@xxxxxxxxxxxxxx>
- Date: Wed, 03 Oct 2007 14:30:02 +1300
In the sshd logs of our oracle cluster machines (which are running RHE
linux we are seeing a Postponed record before every Accepted record.
This happens for automated 'checks' that the machines do about once
every 10 seconds and also for manual logins.
There are two machines involved which do frequent ssh logins from the
oracle accound of one to the oracle account of the other (and vise versa).
The set up in ~oracle/.ssh looks fine on both machines, all files are
owned and readable by oracle. Each machine has the appropriate key in
its authorized_keys file and it all works fine except for the
'Postponed' messages in the log file.
I have tried to replicate the scenario on an other pair of machines but
can not reproduce the messages (I can not fiddle on our main production
database system ;)
I have done some hours research on the web around this and have also
posted to another security list where there are plenty of clueful people.
I have found several people asking the same question but no answers.
My own research suggests that there is some sort of asynchronous check
happening in sshd that is related to the keys and if a response is slow
then the whole process is started again and the postponed message is
written. Googling on the message returns several sets of ssh debug
output which show the postponed messages. They also show sshd repeating
the authentication process....
This isn't a huge issue but I don't like key systems like our database
servers generating log messages that I don't understand!
- Prev by Date: Re: ssh without encryption (authentication only)?
- Next by Date: Re: ssh restrictions (/etc/ssh_config)
- Previous by thread: Re: ssh without encryption (authentication only)?
- Next by thread: Re: ssh restrictions (/etc/ssh_config)