Hi all, I have two linux boxes at home: FC3 and FC4. I am logging into the FC4 box from FC3 and the time from issuing the 'ssh ....' command until I see the password prompt is 36 seconds. As I am new to this I have no idea where to begin looking for the cause of the delay.
I can login into the FC4 box from my wife's OS X Mac with virtually no delay.
Pointers please on where to begin looking for the hangup.
TIA
Bob
On Monday 05 September 2005 04:22, Bob Hartung wrote:
Pointers please on where to begin looking for the hangup.
When you're scratching your head about what is happening on the wire, tcpdump is always a good place to start. Run it in another command prompt and try the bad connect, see what packets are going where.
DNS problems are a popular cause of long network delays.
If nothing shows in tcpdump, try the connect again with ssh -v -v -v and see what the last happenings are before the delay.
Check your logs on the server side (/var/log/messages I guess).
-Andy
On Sun, Sep 04, 2005 at 11:22:41PM -0400, Bob Hartung wrote:
Date: Sun, 04 Sep 2005 23:22:41 -0400 From: Bob Hartung rwhart@mchsi.com To: fedora-list fedora-list@redhat.com Subject: ssh login delays Reply-To: For users of Fedora Core releases fedora-list@redhat.com
Hi all, I have two linux boxes at home: FC3 and FC4. I am logging into the FC4 box from FC3 and the time from issuing the 'ssh ....' command until I see the password prompt is 36 seconds. As I am new to this I have no idea where to begin looking for the cause of the delay.
I can login into the FC4 box from my wife's OS X Mac with virtually no delay.
Pointers please on where to begin looking for the hangup.
Compare and contrast:
ssh -x user@host ssh -X user@host
My guess is that the systems are establishing an secure tunnel/ channel for X11 traffic. The other very common time consumer is host name lookup both forward and backward (DNS bind). If I recall correctly the ssh config files (/etc/ssh/*) changed between FC3 and FC4 on some of this.
You can check the the X11 thing by starting xterm and then inspect $DISPLAY. If $DISPLAY is a "localhost:11.0" something address there is an SSH tunnel...
I found quite by accident one evening when my ISP was unavailable that sshd (or perhaps ssh -- can't quite remember which) was performing a DNS lookup of a nonexistent host _kerberos.<FQDN>. This turned out to be because the GSSAPIAuthentication flag was set to yes in the ssh[d]_config file. You might try setting that flag to no (or commenting it out altogether). That solved my slow ssh login response.
Jay
On 11/15/05, Nifty Hat Mitch mitch48@sbcglobal.net wrote:
On Sun, Sep 04, 2005 at 11:22:41PM -0400, Bob Hartung wrote:
Date: Sun, 04 Sep 2005 23:22:41 -0400 From: Bob Hartung rwhart@mchsi.com To: fedora-list fedora-list@redhat.com Subject: ssh login delays Reply-To: For users of Fedora Core releases fedora-list@redhat.com
Hi all, I have two linux boxes at home: FC3 and FC4. I am logging into the FC4 box from FC3 and the time from issuing the 'ssh ....' command until I see the password prompt is 36 seconds. As I am new to this I have no idea where to begin looking for the cause of the delay.
I can login into the FC4 box from my wife's OS X Mac with virtually no delay.
Pointers please on where to begin looking for the hangup.
Compare and contrast:
ssh -x user@host ssh -X user@hostMy guess is that the systems are establishing an secure tunnel/ channel for X11 traffic. The other very common time consumer is host name lookup both forward and backward (DNS bind). If I recall correctly the ssh config files (/etc/ssh/*) changed between FC3 and FC4 on some of this.
You can check the the X11 thing by starting xterm and then inspect $DISPLAY. If $DISPLAY is a "localhost:11.0" something address there is an SSH tunnel...
-- T o m M i t c h e l l Found me a new place to hang my hat :-) Found me a cable too.
-- fedora-list mailing list fedora-list@redhat.com To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list
-
Andy Green -
Bob Hartung -
J. K. Cliburn -
Tom Mitchell