Re: Two simple openssh questions...
From: Nico Kadel-Garcia (nkadel_at_verizon.net)
Date: Mon, 25 Aug 2003 12:30:50 GMT
> I have got a couple simple openssh questions that I haven't been able to
> answer myself by searching on the internet. If someone could answer any
> one or both of them, I would be very pleased - :-)
> 1) I am using Redhat 9 - successfully logging in on another machine with
> ssh but it takes about 20 seconds before I get a command prompt on the
> remote machine. Is this delay normal behaviour or is there something
> that I need to look at in my ssh configuration?
It's common if you don't have reverse DNS setup on your client in this
case: there's a lookup of the IP address the connection comes from, and
that takes time to time-out if the IP address is not registered. You can
run the SSH daemon with the "-u0" option to prevent this.
Also, if the machine is slow, it will take some time to generate the
public-key based exchanges where the machines talk back and forth and
verify that the server has the right *private* key to match the public key.
> 2) I am about to compile the source of openssh3.6.1 and note that there
> are two versions available for download on the openssh.org website - one
> ending with p1 (openssh-3.6.1p1.tar.gz) and then other ending in p2
> (openssh-3.6.1p2.tar.gz). I am guessing that if I am to use ssh
> protocol 1 then I need the file which includes p1 in its filename and
> the file with p2 in its name if I want to use ssh protocol 2. Is this
> correct? In which case, if I want to support both, do I need to
> download and compile both packages?
Good guess, but wrong. OpenSSH has incorporated both protocol 1 and
protocol 2 into the same binary and source code distribution for quite
some time. It's only the old ssh.com code (which is of lesser quality,
in my opinion) that splits them off.
p2 is just a slightly newer version: I wasn't aware one had been published.