SCIENTIFIC-LINUX-USERS Archives

June 2006

SCIENTIFIC-LINUX-USERS@LISTSERV.FNAL.GOV
Options: Use Monospaced Font
Show Text Part by Default
Show All Mail Headers

Message: [<< First] [< Prev] [Next >] [Last >>]
Topic: [<< First] [< Prev] [Next >] [Last >>]
Author: [<< First] [< Prev] [Next >] [Last >>]

Print Reply
Subject:
Re: SSH question
From:
FRANCHISSEUR Robert <[log in to unmask]>
Reply To:
FRANCHISSEUR Robert <[log in to unmask]>
Date:
Thu, 8 Jun 2006 00:06:58 +0200
Content-Type:
text/plain
Parts/Attachments:
text/plain (97 lines) 
----- Original message from Maxim Kovgan on Wed Jun  7 15:46:23 2006 -----
> 
> Hello, SSH issue.
> I am having this actually with SLC3.0.6, not the SL3.0.4, but maybe
> you have an idea how to help this.
> description:
> when using keys based authentication method I get 2.5 seconds delay, i.e.:
> 
> user@machine1:~$ time ssh machine2 hostname
> time ssh ds-w10 hostname
> machine2
> 
> real    0m2.657s
> user    0m0.060s
> sys     0m0.010s
> user@machine1:~$
> 
> analysis:
> At 1st I thought this is DNS issue ( although we use both direct and
> reverse lookups extensively )
> After a little dig, I got to the fact that the session delays exactly
> at the time when the server picks up an authentication method.
> After another dig on the ssh server, I realized the ssh server is
> trying to 1st authenticate user via keyboard interactive methods, and
> only then 'falls back' to key based method.
> GOOGLE shows there are reports on such thing in the web and ML
> archives, but no solution is discussed.
> After several IRC conversations I realized that this is maybe a
> compile time option.
> I even have tried to imply the order on the client side, but this is
> not respected by the server.
> 
> Question: Is ther a way to force sshd to use a certain order of
> authentication methods ?
> 
> Shall I simply use SL3 openssh-server package and end with it ?
> :)
> 

       Hello,

       I have a similar problem with SL4.1 ssh *client*
       when I connect to a Sun machine with an old ssh protocol 1
       server.

       If I connect to the same Sun with other ssh client server
       it is quite faster. 


#### rabeson:/u/robert > time ssh  mambo hostname           # from my SL4.1 machine
mambo

real    0m10.761s
user    0m0.041s
sys     0m0.012s
#

#### gottlieb:/u/robert > time ssh  -1  mambo hostname      # from Mandriva Linux release 2006.0 
mambo
0.03user 0.00system 0:00.75elapsed 5%CPU (0avgtext+0avgdata 0maxresident)k
0inputs+0outputs (0major+1272minor)pagefaults 0swaps

#### django:/u/robert > time ssh   mambo hostname           # from  Debian testing 
mambo

real    0m0.768s
user    0m0.013s
sys     0m0.007s

#### henocq:/u/robert > time ssh   mambo hostname            # old RedHat 6.2 (same old ssh client as 
mambo                                                                          the sun)

real    0m0.799s
user    0m0.060s
sys     0m0.000s

       Trying with a -v option one sees that the hang is between:

debug1: identity file /u/robert/.ssh/identity type 0
       and
debug1: Remote protocol version 1.5, remote software version SSF-1.2.27.8-static

       Hope this help.

-- 

                 Best regards,
                               Robert FRANCHISSEUR

 ____ Apollo_gist :-)______________________________________________________
| Robert FRANCHISSEUR - Laboratoire de Météorologie Dynamique -   C.N.R.S. |
| Equipe "R.A.M.S.E.S." - UNIVERSITE P. et M. Curie - Tour 45-55 3ème 315C |
| Boite 99 -        4, place Jussieu        F-75252 PARIS CEDEX 05  FRANCE |
| Phone  : +33 (0)1 44 27 73 87           fax     : +33 (0)1 44 27 62 72   |
| e-mail : robert at lmd . jussieu . fr   http    : //www.lmd.jussieu.fr   |
 --------------------------------------------------------------------------

ATOM RSS1 RSS2