HPE Community
Operating System - HP-UX
1827428 Members
3858 Online
109965 Solutions
New Discussion

Re: ssh server slow

 
letters
Occasional Advisor

‎05-04-2011 12:53 AM

‎05-04-2011 12:53 AM

ssh server slow

Hello,

When i connect to a HPUX11.31 in ssh ; i type my login and i must wait 30-40 seconds before to see appear the prompt of password !
What' s the problem ?
Thanks
0 Kudos
Reply
18 REPLIES 18
sangilak
Trusted Contributor

‎05-04-2011 01:06 AM

‎05-04-2011 01:06 AM

Re: ssh server slow

Hi,


Not sure which version of SSH you have currently installed, but I remember to have read somewhere that the latest version 5.60 addresses some slow loging issues.

It can be downloaded from:
https://h20392.www2.hp.com/portal/swdepot/displayProductInfo.do?productNumber=T1471AA


Hope that helps,

sangilak
0 Kudos
Reply
letters
Occasional Advisor

‎05-04-2011 01:43 AM

‎05-04-2011 01:43 AM

Re: ssh server slow

I think that it's a network problem because i have also the same problem with sftp
0 Kudos
Reply
Viktor Balogh
Honored Contributor

‎05-04-2011 03:54 AM

‎05-04-2011 03:54 AM

Re: ssh server slow

I bet you have a large wtmps file, the solution is to purge that file:

# > /var/adm/wtmps

Now ssh should work fine. It is a known bug...
****
Unix operates with beer.
0 Kudos
Reply
Viktor Balogh
Honored Contributor

‎05-04-2011 03:55 AM - last edited on ‎07-11-2011 08:51 AM by

‎05-04-2011 03:55 AM - last edited on ‎07-11-2011 08:51 AM by

Re: ssh server slow

"HP-UX Secure Shell Software - Logins Slower after Update to Version A.04.70.010
ISSUE:
User was running HP-UX Secure Shell-A.04.30.007 and all was working OK. He updated to a more current version (A.04.70.10) and now his logins take 10-15 seconds to complete. The delay appears after entering the password.

SOLUTION:
The newer version of the ssh daemon (/usr/bin/sshd) will read the entire file /var/adm/wtmps if it exists. Since this file grows without bound, it can become exceeding large and cause delays in the login process.

The man page for wtmps states:

Note that wtmps and btmps tend to grow without bound, and should be checked regularly. Information that is no longer useful should be removed periodically to prevent the file from becoming too large. Also note that wtmps and btmps are not created by the programs that maintain them. Thus, if these files are removed, login record-keeping is turned off."


see this thread:

http://h30499.www3.hp.com/t5/System-Administration/SSH-Authentification-very-slow-on-HPUX-11-31/m-p/4361622#M346130

****
Unix operates with beer.
0 Kudos
Reply
Steven Schweda
Honored Contributor

‎05-04-2011 05:09 AM

‎05-04-2011 05:09 AM

Re: ssh server slow

> [...] HPUX11.31 in ssh [...]

ssh -V

Actual output from "uname -a" wouldn't hurt,
either.

> What' s the problem ?

Is this a new problem where things have
worked properly before?

> I think that it's a network problem because
> i have also the same problem with sftp

SSH and SFTP are not different enough that
that tells you anything. If other,
_different_ services (like, say, FTP or
Telnet), also see a delay, then you may have
a DNS problem. A Forum search for keywords
like:
ssh slow dns
should find many old threads which describe
the common DNS problem, and how to fix it.
0 Kudos
Reply
uz
Occasional Advisor

‎05-04-2011 05:14 AM

‎05-04-2011 05:14 AM

Re: ssh server slow

I purged wtmps and wtmp but it's the same
0 Kudos
Reply
uz
Occasional Advisor

‎05-04-2011 05:21 AM

‎05-04-2011 05:21 AM

Re: ssh server slow

[root@X-4 /opt/mozilla]# ssh -V
OpenSSH_4.5p1+sftpfilecontrol-v1.1-hpn12v14, OpenSSL 0.9.7l 28 Sep 2006
HP-UX Secure Shell-A.04.50.011, HP-UX Secure Shell version
[root@X-4 /opt/mozilla]# uname -a
HP-UX X-4 B.11.31 U ia64 069218587 unlimited-user license
0 Kudos
Reply
Steven Schweda
Honored Contributor

‎05-04-2011 06:25 AM

‎05-04-2011 06:25 AM

Re: ssh server slow

> HP-UX Secure Shell-A.04.50.011[...]

Not the latest version, is it? (But that
should not be the problem here.)

> Is this a new problem where things have
> worked properly before?

Still wondering.

> [...] A Forum search [...]

Did you look? On the SSH server:

nslookup
0 Kudos
Reply
Bob_Vance
Esteemed Contributor

‎05-04-2011 09:19 AM

‎05-04-2011 09:19 AM

Re: ssh server slow

Be sure that the ipnodes entry is same as the hosts entry in

/etc/nsswitch.conf


## grep -e host -e node /etc/nsswitch.conf
hosts: files [NOTFOUND=continue UNAVAIL=continue] dns
ipnodes: files [NOTFOUND=continue UNAVAIL=continue] dns


bv
"The lyf so short, the craft so long to lerne." - Chaucer
0 Kudos
Reply
uz
Occasional Advisor

‎05-04-2011 11:34 PM

‎05-04-2011 11:34 PM

Re: ssh server slow

I added "[NOTFOUND=continue UNAVAIL=continue] dns" to the line "ipnodes: files"
but always slow connexion

And as answer to Steven
> Is this a new problem where things have
> worked properly before?

This server has been installed by a person who is gone and i haven't the history of the instal
0 Kudos
Reply
Steven Schweda
Honored Contributor

‎05-05-2011 02:40 AM

‎05-05-2011 02:40 AM

Re: ssh server slow

> And as answer to Steven
> [...]

One answer, more than one question. I'll try
one more time.

> [...] If other,
> _different_ services (like, say, FTP or
> Telnet), also see a delay, then you may have
> a DNS problem. A Forum search for keywords
> like:
> [...]


> > [...] A Forum search [...]
>
> Did you look? On the SSH server:
>
> nslookup
0 Kudos
Reply
Bob_Vance
Esteemed Contributor

‎05-05-2011 03:46 AM - last edited on ‎07-11-2011 08:50 AM by

‎05-05-2011 03:46 AM - last edited on ‎07-11-2011 08:50 AM by

Re: ssh server slow

Oooops, my bad.

It would help if I read the orignal problem description correctly!

The slowness is *after* login prompt,
so it's probably not a usual DNS issue.


Does the problem occur when you try to ssh into the box from another login on the same box (ie, to itself)?


You can start a temporary sshd in debug mode on a different port to see what sshd and is doing.

With ssh -v from the source and the debugging sshd, you should be able to see exactly what they are both doing during the delay.

See Victor's and my suggestions in this thread:

You can watch both the incoming
http://h30499.www3.hp.com/t5/General/ssh-stopped-working-after-depo-patch-update-on-hp-11-23/m-p/4783582#M147810


bv

"The lyf so short, the craft so long to lerne." - Chaucer
0 Kudos
Reply
rmueller58
Valued Contributor

‎05-05-2011 06:15 AM

‎05-05-2011 06:15 AM

Re: ssh server slow


How is response on the console?

Connection time delay can be caused by many things.. Network traffic and utilization is a big culprit in delays as well. I see guys posting messages regarding things to look at on the UX box, and if the system was working OK up to a certain point and then doesn't.

on the UX box check top and see what your system utilization is doing, memory can be a problem. When we initially purchased one of our systems it was undersized in terms of RAM. We bumped the RAM and the problem went away.

Rule out the UX box, by checking the things being mentioned by others. May sure you have your kernel and wtmp settings correct.

That said, since, that problems with connection for us has been generally directly attributed to changes made on the DNS, network and traffic.
Content Filters, Someone downloading or streaming a video on a segment of the network, can slow connection time dramatically because of saturation.

my 2 cents.
0 Kudos
Reply
Bob_Vance
Esteemed Contributor

‎05-05-2011 06:44 AM

‎05-05-2011 06:44 AM

Re: ssh server slow

Wait...

Why are you being asked for a login id?

Are you coming from another Unix/Linux box or are you using a SSH client, like 'Putty', from a Windows box?


What command are you using on the incoming and what version of ssh is it?


Please give us also HPUX sshd version:

## /usr/sbin/sshd -d 2>&1 | grep vers
debug1: sshd version OpenSSH_5.1p1+sftpfilecontrol-v1.2-hpn13v5 [ HP-UX Secure Shell-A.05.10.007 ]



bv
"The lyf so short, the craft so long to lerne." - Chaucer
0 Kudos
Reply
uz
Occasional Advisor

‎05-06-2011 01:10 AM

‎05-06-2011 01:10 AM

Re: ssh server slow

In fact, there isn't only the ssh connexion who is long : for example if i type :

[root@RX-2#swlist
I have :
#Initializing...
#Contacting target "RX-2"...

and the message remains for at least 2 minutes
before making the list !


I think that i go to reinstall this machine, somebody have the installation guide please
0 Kudos
Reply
Bob_Vance
Esteemed Contributor

‎05-06-2011 02:59 AM

‎05-06-2011 02:59 AM

Re: ssh server slow

show us

# cat /etc/resolv.conf
# grep -v ^# /etc/hosts
# grep -v ^# /etc/nsswitch.conf
# time nslookup rx-2

You still have not shown us the ssh & sshd versions.

who installed this system?
when?


show us

# swlist -l bundle | grep -e QP -e HWE
# swlist | grep Secure



bv
"The lyf so short, the craft so long to lerne." - Chaucer
0 Kudos
Reply
letters
Occasional Advisor

‎05-06-2011 05:25 AM

‎05-06-2011 05:25 AM

Re: ssh server slow

thanks for all it was a dns problem !
0 Kudos
Reply
Steven Schweda
Honored Contributor

‎05-06-2011 10:56 AM

‎05-06-2011 10:56 AM

Re: ssh server slow

> [...] it was a dns problem !

It often is.

It might be helpful to some future reader if
you took a minute to explain how you found
the problem, and what the fix was.
0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.