f



openssh pausing for 10 sec before connecting

I am having trouble with openssh connecting from my laptop to a remote
computer via ssh, in that it is taking about 10 sec to connect. 
If I do
ssh -vvv remote
I get two pauses, one about 8 sec and one about 3

The first one occurs

debug1: identity file /home/unruh/.ssh/id_ed25519-cert type -1
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_6.6
*******************************************88
   8 sec pause occurs here
   *****************************************
debug1: Remote protocol version 2.0, remote software version OpenSSH_6.6
debug1: match: OpenSSH_6.6 pat OpenSSH* compat 0x04000000
debug2: fd 3 setting O_NONBLOCK
debug3: load_hostkeys: loading entries for host "info" from file
"/home/unruh/.ssh/known_hosts"
debug3: load_hostkeys: found key type RSA in file
/home/unruh/.ssh/known_hosts:7
debug3: load_hostkeys: loaded 1 keys
debug3: order_hostkeyalgs: prefer hostkeyalgs:
ssh-rsa-cert-v01@openssh.com,ssh-rsa-cert-v00@openssh.com,ssh-rsa
debug1: SSH2_MSG_KEXINIT sent


Then another 3 sec pause occurs

debug1: SSH2_MSG_NEWKEYS received
debug1: SSH2_MSG_SERVICE_REQUEST sent
debug2: service_accept: ssh-userauth
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug2: key: /home/unruh/.ssh/id_rsa (0x55dxxxxxxxxx),
debug2: key: /home/unruh/.ssh/id_dsa ((nil)),
debug2: key: /home/unruh/.ssh/id_ecdsa ((nil)),
debug2: key: /home/unruh/.ssh/id_ed25519 ((nil)),
******************************************
 3 sec pause occurs here.
 ****************************************
debug1: Authentications that can continue:
publickey,password,keyboard-interactive
debug3: start over, passed a different list
publickey,password,keyboard-interactive
debug3: preferred publickey,keyboard-interactive,password
debug3: authmethod_lookup publickey
debug3: remaining preferred: keyboard-interactive,password
debug3: authmethod_is_enabled publickey
debug1: Next authentication method: publickey


Any idea why the pauses? Other local machines have no trouble connecting
to the server immediately. Also if I connect locally to the laptop, the
connection occurs immediately



n the laptop
openssh-6.6p1-5.9.mga5
On the server
openssh-6.6p1-5.7.mga5


passwordless login each time

0
William
10/8/2016 4:41:32 PM
comp.security.ssh 4228 articles. 0 followers. terra1024 (490) is leader. Post Follow

6 Replies
368 Views

Similar Articles

[PageSpeed] 44

William Unruh <unruh@invalid.ca> writes:
> I am having trouble with openssh connecting from my laptop to a remote
> computer via ssh, in that it is taking about 10 sec to connect. 
> If I do
> ssh -vvv remote
> I get two pauses, one about 8 sec and one about 3

It’s usually DNS or ident.

-- 
http://www.greenend.org.uk/rjk/
0
Richard
10/8/2016 8:44:56 PM
On Sat, 08 Oct 2016 16:41:32 +0000, William Unruh wrote:

> I am having trouble with openssh connecting from my laptop to a remote
> computer via ssh, in that it is taking about 10 sec to connect.
> If I do ssh -vvv remote I get two pauses, one about 8 sec and one about
> 3
> 
> The first one occurs
> 
> debug1: identity file /home/unruh/.ssh/id_ed25519-cert type -1 debug1:
> Enabling compatibility mode for protocol 2.0 debug1: Local version
> string SSH-2.0-OpenSSH_6.6 *******************************************88
>    8 sec pause occurs here *****************************************
> debug1: Remote protocol version 2.0, remote software version OpenSSH_6.6
> debug1: match: OpenSSH_6.6 pat OpenSSH* compat 0x04000000 debug2: fd 3
> setting O_NONBLOCK debug3: load_hostkeys: loading entries for host
> "info" from file "/home/unruh/.ssh/known_hosts"
> debug3: load_hostkeys: found key type RSA in file
> /home/unruh/.ssh/known_hosts:7 debug3: load_hostkeys: loaded 1 keys
> debug3: order_hostkeyalgs: prefer hostkeyalgs:
> ssh-rsa-cert-v01@openssh.com,ssh-rsa-cert-v00@openssh.com,ssh-rsa
> debug1: SSH2_MSG_KEXINIT sent
> 
> 
> Then another 3 sec pause occurs
> 
> debug1: SSH2_MSG_NEWKEYS received debug1: SSH2_MSG_SERVICE_REQUEST sent
> debug2: service_accept: ssh-userauth debug1: SSH2_MSG_SERVICE_ACCEPT
> received debug2: key: /home/unruh/.ssh/id_rsa (0x55dxxxxxxxxx),
> debug2: key: /home/unruh/.ssh/id_dsa ((nil)),
> debug2: key: /home/unruh/.ssh/id_ecdsa ((nil)),
> debug2: key: /home/unruh/.ssh/id_ed25519 ((nil)),
> ******************************************
>  3 sec pause occurs here. ****************************************
> debug1: Authentications that can continue:
> publickey,password,keyboard-interactive debug3: start over, passed a
> different list publickey,password,keyboard-interactive debug3: preferred
> publickey,keyboard-interactive,password debug3: authmethod_lookup
> publickey debug3: remaining preferred: keyboard-interactive,password
> debug3: authmethod_is_enabled publickey debug1: Next authentication
> method: publickey
> 
> 
> Any idea why the pauses? Other local machines have no trouble connecting
> to the server immediately. Also if I connect locally to the laptop, the
> connection occurs immediately
> 
> 
> 
> n the laptop openssh-6.6p1-5.9.mga5 On the server openssh-6.6p1-5.7.mga5
> 
> 
> passwordless login each time

	I would check out whether the system where the SSH server is 
running is having DNS issues.

0
James
10/8/2016 8:46:54 PM
On 2016-10-08, Richard Kettlewell <invalid@invalid.invalid> wrote:
> William Unruh <unruh@invalid.ca> writes:
>> I am having trouble with openssh connecting from my laptop to a remote
>> computer via ssh, in that it is taking about 10 sec to connect. 
>> If I do
>> ssh -vvv remote
>> I get two pauses, one about 8 sec and one about 3
>
> It???s usually DNS or ident.

The remote machine is in /etc/hosts, so that should not be a problem.
And it is very very reproducible (Ie, every time with the same delay).

>
0
William
10/9/2016 8:19:04 AM
William Unruh <unruh@invalid.ca> writes:
> Richard Kettlewell <invalid@invalid.invalid> wrote:
>> William Unruh <unruh@invalid.ca> writes:
>>> I am having trouble with openssh connecting from my laptop to a remote
>>> computer via ssh, in that it is taking about 10 sec to connect. 
>>> If I do
>>> ssh -vvv remote
>>> I get two pauses, one about 8 sec and one about 3
>>
>> It???s usually DNS or ident.
>
> The remote machine is in /etc/hosts, so that should not be a problem.
      ^^^^^^^^^^^^^^

There are two endpoints to this communication, delays can arise in
either.

                    vvvvvvvv
It’s usually DNS -->OR IDENT<--.
                    ^^^^^^^^

-- 
http://www.greenend.org.uk/rjk/
0
Richard
10/9/2016 8:57:22 AM
On 2016-10-08, James H. Markowitz <noone@nowhere.net> wrote:
> On Sat, 08 Oct 2016 16:41:32 +0000, William Unruh wrote:
>
<Problems with ssh having long pauses on connection>
> 	I would check out whether the system where the SSH server is 
> running is having DNS issues.

Hmm, I had assumed it was the local machine that is problematic, but I
now put the IP of the local machine (as seen by the remote server) into
/etc/hosts on the server and suddenly there are no long pauses in
ssh -vvv
and the connection ( without any -v) comes up in about 2 sec, rather
than 10-12)

So, it seems that the attempt  by the server to reverse resolve the local outaddress of eduroam
network here is causing the long delay. (there is no dns hostname
associated with that address.)

Thanks. Now I just have to worry about them changing that output (net
facing) IP address. But it seems to be pretty stable. (Ie it has been
the same for a month-- it seems to be tied to which building I use
eduroam in.)




>
0
William
10/9/2016 11:33:53 AM
On 2016-10-09, Richard Kettlewell <invalid@invalid.invalid> wrote:
> William Unruh <unruh@invalid.ca> writes:
>> Richard Kettlewell <invalid@invalid.invalid> wrote:
>>> William Unruh <unruh@invalid.ca> writes:
>>>> I am having trouble with openssh connecting from my laptop to a remote
>>>> computer via ssh, in that it is taking about 10 sec to connect. 
>>>> If I do
>>>> ssh -vvv remote
>>>> I get two pauses, one about 8 sec and one about 3
>>>
>>> It???s usually DNS or ident.
>>
>> The remote machine is in /etc/hosts, so that should not be a problem.
>       ^^^^^^^^^^^^^^
>
> There are two endpoints to this communication, delays can arise in
> either.

You are perfectly correct. I was thinking dns problems, and I knew that
dns on the server works fine. I have logged in there from machines all
over the world, where I have not had these problems. But the problem
appears to be that the IP address of the eduroam gateway here has no dns
name, so the ssh dns reverse name query does not work, and appears to be
giving the delay. Ie, dns works on the server, it just cannot do what it
wants to do, and sulks for a while. 
>
0
William
10/9/2016 12:14:55 PM
Reply: