Re: slow ssh response time



Thank you all for your answers!

You probably didn't receive an earlier response of mine:
==========================================================
Actually the problem seems to have been sorted out. Right after
placing in the sshd_config file "UseDNS no" and reloading/restarting
the OpenSSH server, no effect took place, but a few hours later my ssh
response became instant (<1 sec) :)
Strange..

Mike
==========================================================

Actually the above is not entirely true. When I try to ssh into my
desktop at home from a pc I use at work, the response
is still slow, BUT I have tried to ssh into my desktop at home from
multiple other pcs and the password prompt is instant.

If it makes any difference, the pc at work runs on UBuntu 10.10,
whereas all other pcs I've tried run on 8.04.

Mike

On Wed, Apr 13, 2011 at 11:20 AM, Saif El Sherei <SSherei@xxxxxxxxxxxx> wrote:
hello mike,

Well normally DNS resolution slows any network activity down. Even in port scanning for example using nmap its prefered to use the -n switch to disable DNS resolution because it slows the scan down.

Hope this helped to clarify things a bit.

Regards,

Saif
OSCP

Sent from my iPhone.

On Apr 13, 2011, at 5:14 AM, "Michael Sioutis" <papito.dit@xxxxxxxxx> wrote:

Actually the problem seems to have been sorted out. Right after
placing in the sshd_config file "UseDNS no" and reloading/restarting
the OpenSSH server, no effect took place, but a few hours later my ssh
response became instant (<1 sec) :)
Strange..

Mike

On Tue, Apr 12, 2011 at 7:15 PM, Michael Sioutis <papito.dit@xxxxxxxxx> wrote:
Hello!!

I have a slow ssh response time and I don't know what is causing it.
I'm providing you with some information and kindly requesting
your help.

***System***
Linux  Ubuntu 10.04.2 LTS 2.6.32-30-generic #59-Ubuntu SMP Tue Mar 1
21:30:46 UTC 2011 x86_64 GNU/Linux

***OpenSSH version***
OpenSSH_5.3p1 Debian-3ubuntu6, OpenSSL 0.9.8k 25 Mar 2009

***Problem***
ssh -v user@host
OpenSSH_5.5p1 Debian-4ubuntu5, OpenSSL 0.9.8o 01 Jun 2010
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Applying options for *
debug1: Connecting to host [XX.XXX.XX.XXX] port 22.
debug1: Connection established.
debug1: identity file /home/user/.ssh/id_rsa type 1
debug1: Checking blacklist file /usr/share/ssh/blacklist.RSA-2048
debug1: Checking blacklist file /etc/ssh/blacklist.RSA-2048
debug1: identity file /home/user/.ssh/id_rsa-cert type -1
debug1: identity file /home/user/.ssh/id_dsa type -1
debug1: identity file /home/user/.ssh/id_dsa-cert type -1

--------------->Delay (4-5 secs)<---------------

debug1: Remote protocol version 2.0, remote software version
OpenSSH_5.3p1 Debian-3ubuntu6
debug1: match: OpenSSH_5.3p1 Debian-3ubuntu6 pat OpenSSH*
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_5.5p1 Debian-4ubuntu5
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: server->client aes128-ctr hmac-md5 none
debug1: kex: client->server aes128-ctr hmac-md5 none
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<1024<8192) sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY
debug1: Host 'host' is known and matches the RSA host key.
debug1: Found key in /home/user/.ssh/known_hosts:9
debug1: ssh_rsa_verify: signature correct
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: Roaming not allowed by server
debug1: SSH2_MSG_SERVICE_REQUEST sent
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: publickey,password
debug1: Next authentication method: publickey
debug1: Offering public key: /home/user/.ssh/id_rsa
debug1: Authentications that can continue: publickey,password
debug1: Trying private key: /home/user/.ssh/id_dsa
debug1: Next authentication method: password
user@host's password:

***sshd_config file***
Port 22
Protocol 2
HostKey /etc/ssh/ssh_host_rsa_key
HostKey /etc/ssh/ssh_host_dsa_key
UsePrivilegeSeparation yes

KeyRegenerationInterval 3600
ServerKeyBits 768

SyslogFacility AUTH
LogLevel INFO

LoginGraceTime 120
PermitRootLogin no
StrictModes yes

RSAAuthentication yes
PubkeyAuthentication yes

IgnoreRhosts yes
RhostsRSAAuthentication no
HostbasedAuthentication no

PermitEmptyPasswords no

ChallengeResponseAuthentication no

X11Forwarding yes
X11DisplayOffset 10
PrintMotd no
PrintLastLog yes
TCPKeepAlive yes

AcceptEnv LANG LC_*

Subsystem sftp /usr/lib/openssh/sftp-server

UsePAM yes
UseDNS no
AllowUsers user

Thank you for any information about this!
Mike






Relevant Pages

  • RE: RE : RE : X11Forwarding problem on Solaris.
    ... The program is using the display environment variable. ... First i use ssh to connect from node2 to node4 and then I start the PROGRAM ... debug1: Connection established. ... Subject: RE: RE: X11Forwarding problem on Solaris. ...
    (SSH)
  • Update: Unable to login without password using ssh
    ... The permission on the .ssh directory was following ... I have other servers which are working. ... debug1: Rhosts Authentication disabled, originating port will not be trusted. ... debug1: sent kexinit: none ...
    (SunManagers)
  • Solaris->Fedora6 unidirectional problem
    ... I have a strange unsolved unidirectional problem using ssh from Solaris to Fedora6: ... I have a couple FC6 behind the Solaris boxes ... debug2: fd 4 setting O_NONBLOCK ... debug1: fd 4 clearing O_NONBLOCK ...
    (SSH)
  • [SLE] Slow SSH login
    ... A> ssh B ... second delay no matter the authentication mechanism ... debug1: Authentication succeeded. ...
    (SuSE)
  • UPDATE2: SSH problem to Solaris 10 : Resource temporarily unavailable]
    ... I truss-ed the client ssh call and managed to identify the exact ... debug1: Rhosts Authentication disabled, originating port will not be trusted. ... debug1: We proposed langtags, ctos: en-US ...
    (SunManagers)