SSH login very slow
This is a discussion on SSH login very slow within the Linux Networking forums, part of the Linux Forums category; Hello all, I'm a newbee system administrator to an intranet server running sshd, httpd and mysql server. SSH login ...
|
|||||||
| FAQ | Members List | Calendar | Search | Today's Posts | Mark Forums Read |
06-28-2004
|
|||
|
|||
SSH login very slow
Hello all,
I'm a newbee system administrator to an intranet server running sshd, httpd and mysql server. SSH login to this server is slooooooow. It takes upto 1 minute to login after entering the password. Same problem when logging in with my private/public key. Server runs on Fedora Core 2 - complete install. Is is something concerned to the network itself or something to do with my sshd_config? Here's my /etc/ssh/sshd_config: ------------------------------------------ SyslogFacility AUTHPRIV X11Forwarding no Compression no Subsystem sftp /usr/libexec/openssh/sftp-server -------------------------------------------- Rest of the lines are commented. Now, I'm still a bit scared to play around with ssh, as many users are connected to the server at any time, including a couple of professors :-( What could be the possible problem? regards, GVK 
|
|
06-28-2004
|
|||
|
|||
|
Re: SSH login very slow
On Mon, 28 Jun 2004 23:48:05 +0530, GVK <vamsee_k@students.iiit.net> wrote:
> > > Hello all, > I'm a newbee system administrator to an intranet server running sshd, > httpd and mysql server. SSH login to this server is slooooooow. > It takes upto 1 minute to login after entering the password. Same > problem when logging in with my private/public key. > Server runs on Fedora Core 2 - complete install. Is is something > concerned to the network itself or something to do with my sshd_config? > > Here's my /etc/ssh/sshd_config: > > ------------------------------------------ > SyslogFacility AUTHPRIV > X11Forwarding no > Compression no > Subsystem sftp /usr/libexec/openssh/sftp-server > -------------------------------------------- > > Rest of the lines are commented. Now, I'm still a bit scared to play > around with ssh, as many users are connected to the server at any time, > including a couple of professors :-( > > What could be the possible problem? > Don't know about your specific problem, but have been seeing a LOT of problems with fedora Core 2 on the Usenet lately. You might want to try a different distro. AC
|
|
06-28-2004
|
|||
|
|||
|
Re: SSH login very slow
Alan Connor wrote:
> Don't know about your specific problem, but have been seeing a LOT > of problems with fedora Core 2 on the Usenet lately. > > You might want to try a different distro. > > AC Well, I think it's just my problem. 'Cos, I'm running all my 3 boxes on FC2. No problems so far. So, guess it's just the problem with the server. Also, I downloaded 8 CDs of Sarge. Boy, the new installer sure is good. I didn't know how to configure network on it :-( setup and netconfig won't work. What else should I do to make the damn network work? GVK
|
|
06-28-2004
|
|||
|
|||
|
Re: SSH login very slow
GVK wrote:
> Hello all, > I'm a newbee system administrator to an intranet server running > sshd, httpd and mysql server. SSH login to this server is slooooooow. > It takes upto 1 minute to login after entering the password. Same > problem when logging in with my private/public key. > Server runs on Fedora Core 2 - complete install. Is is something > concerned to the network itself or something to do with my sshd_config? > > Here's my /etc/ssh/sshd_config: > > ------------------------------------------ > SyslogFacility AUTHPRIV > X11Forwarding no > Compression no > Subsystem sftp /usr/libexec/openssh/sftp-server > -------------------------------------------- > > Rest of the lines are commented. Now, I'm still a bit scared to play > around with ssh, as many users are connected to the server at any time, > including a couple of professors :-( > > What could be the possible problem? > > regards, > GVK Do you access the server directly (same subnet), or via a router/proxy/firewall? SSH can be quite sluggish behind a proxy. -- LucM Visit your friends > www.gnu.org > www.greenpeace.org
|
|
06-28-2004
|
|||
|
|||
|
Re: SSH login very slow
GVK wrote:
> Hello all, > I'm a newbee system administrator to an intranet server running sshd, > httpd and mysql server. SSH login to this server is slooooooow. > It takes upto 1 minute to login after entering the password. Same > problem when logging in with my private/public key. > Server runs on Fedora Core 2 - complete install. Is is something > concerned to the network itself or something to do with my sshd_config? I'd say that the problem is reverse DNS. Does your FC2 box and client machine have correct DNS-settings? Does reverse DNS work (is it possible to find name your IP address)? Check the reverse DNS with dig: # dig -x 192.168.2.2 (where 192.168.2.2 is the IP address of your client machine. Also do the same check to the FC2 box) You should see machine name in the ANSWER section. If the reverse DNS query is not working, contact your ISP to correct the DNS or add your client machine to the /etc/hosts file (to your FC2 box): 192.168.2.2 myclient.somedomain.fin myclient you can add your FC2 box to the hosts file too: 192.168.2.1 myfc2box.somedomain.fin myfc2box , you should use the same name as defined in /etc/sysconfig/network and check that commands hostname and hostname -f work and return the correct name. Best Regards Kimmo Koivisto
|
|
06-28-2004
|
|||
|
|||
|
Re: SSH login very slow
On Mon, 28 Jun 2004 23:48:05 +0530, GVK wrote:
> Hello all, > I'm a newbee system administrator to an intranet server running sshd, > httpd and mysql server. SSH login to this server is slooooooow. > It takes upto 1 minute to login after entering the password. Same > problem when logging in with my private/public key. > Server runs on Fedora Core 2 - complete install. Is is something > concerned to the network itself or something to do with my sshd_config? Hi, Last time I experienced this, it was when I had linux running on a Pentium and my ssh key was 1024 bits. It just took the cpu a while to work it out. just my 2c Ed.
|
|
06-28-2004
|
|||
|
|||
|
Re: SSH login very slow
Kimmo Koivisto wrote:
> If the reverse DNS query is not working, contact your ISP to correct the DNS > or add your client machine to the /etc/hosts file (to your FC2 box): > > 192.168.2.2 myclient.somedomain.fin myclient > > you can add your FC2 box to the hosts file too: > 192.168.2.1 myfc2box.somedomain.fin myfc2box > > , you should use the same name as defined in /etc/sysconfig/network and > check that commands > hostname > and > hostname -f > work and return the correct name. Well, adding the client IP to server's /etc/hosts helped :) It's working well and good now. But how about the rest of the clients? They all are facing the same problem. Let's say the clients use IPs 172.16.19.*...anyway I can make it faster for all of them? regards, GVK
|
|
06-28-2004
|
|||
|
|||
|
Re: SSH login very slow-more problems
GVK wrote:
> Kimmo Koivisto wrote: > >> If the reverse DNS query is not working, contact your ISP to correct >> the DNS >> or add your client machine to the /etc/hosts file (to your FC2 box): >> >> 192.168.2.2 myclient.somedomain.fin myclient >> >> you can add your FC2 box to the hosts file too: >> 192.168.2.1 myfc2box.somedomain.fin myfc2box >> >> , you should use the same name as defined in /etc/sysconfig/network and >> check that commands >> hostname >> and >> hostname -f >> work and return the correct name. > > > Well, adding the client IP to server's /etc/hosts helped :) > It's working well and good now. But how about the rest of the clients? > They all are facing the same problem. Let's say the clients use IPs > 172.16.19.*...anyway I can make it faster for all of them? > > regards, > GVK Adding the host's name to /etc/hosts is helping out but when I type "w" on the server, it is showing the client's name, not IP. Also, is it possible to turn off this whole reverse-DNS-lookup thing on the server? regards, GVK
|
|
06-29-2004
|
|||
|
|||
|
Re: SSH login very slow
GVK wrote:
> Kimmo Koivisto wrote: >> If the reverse DNS query is not working, contact your ISP to correct the >> DNS or add your client machine to the /etc/hosts file (to your FC2 box): >> >> 192.168.2.2 myclient.somedomain.fin myclient >> >> you can add your FC2 box to the hosts file too: >> 192.168.2.1 myfc2box.somedomain.fin myfc2box >> >> , you should use the same name as defined in /etc/sysconfig/network and >> check that commands >> hostname >> and >> hostname -f >> work and return the correct name. > > Well, adding the client IP to server's /etc/hosts helped :) > It's working well and good now. But how about the rest of the clients? > They all are facing the same problem. Let's say the clients use IPs > 172.16.19.*...anyway I can make it faster for all of them? > > regards, > GVK Okay, now we can be sure that the problem is that reverse DNS is not working. There is two solutions, maybe more, but here are those: 1) If the network (172.16.19.*) is in your control, you can set up (or fix existing) DNS which resolves those addresses to names. You don't have to have real domain, just set up private DNS server. Setting up properly configured DNS makes network work smoother. 2) Disable DNS check from ssh-server. This helps only to the ssh-problem, you can find same kind of problems from other services too and option 1) would then be wiser thing to do. Disable dns-check by defining the following to the /etc/sshd_config and then restart sshd (service sshd restart) UseDNS no If this does not work, setting up DNS could be the best thing. Or you can add all 172.16.19.* addresses to the hosts file (with shell script of course). Terveisin Kimmo Koivisto
|
Linear Mode
