another ssh delay problem
807559Jan 28 2009 — edited Jan 29 2009Hello,
The node in question (A) runs Solaris 9 and sshd. There are complaints about long delays (up to 65s) when trying to login from the management node to node A, using ssh and the keyboard-interactive method (entering password).
Just for test, I tried to do an ssh from A to A (locally) to see what happens -- symptoms are the same. Delay occurs after the "debug1: SSH2_MSG_KEXINIT sent" message in the ssh log below.
I googled a lot. Did a snoop and surprisingly didn't notice any DNS query going out to the DNS server during the login. Still I added a mapping IPaddress<-->hostname in hosts file.
I also tried to use "UseDNS no" option in sshd_config, however this does not work with SunSSH.
Is there any way to turn off reverse DNS query, or turn off all the other authentication methods except keyboard-interactive? I guess some of that could help?
Thanx/Regards
bash-2.05# ssh -vvv root@10.120.21.226
Sun_SSH_1.1, SSH protocols 1.5/2.0, OpenSSL 0x0090700f
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Rhosts Authentication disabled, originating port will not be trusted.
debug1: ssh_connect: needpriv 0
debug1: Connecting to 10.120.21.226 [10.120.21.226] port 22.
debug1: Connection established.
(...)
debug2: kex_parse_kexinit: first_kex_follows 0
debug2: kex_parse_kexinit: reserved 0
debug1: Failed to acquire GSS-API credentials for any mechanisms (No credentials were supplied, or the credentials were unavailable or inaccessible
mech_dh: Invalid or unknown error
debug1: SSH2_MSG_KEXINIT sent
debug3: kex_reset_dispatch -- should we dispatch_set(KEXINIT) here? 0 && !0
(delay here)
Jan 28 12:58:01 adr-dnse01 sshd[28847]: fatal: Write failed: Broken pipe
debug1: SSH2_MSG_KEXINIT received
debug2: kex_parse_kexinit: diffie-hellman-group-exchange-sha1,diffie-hellman-group1-sha1
(.....)