Re: Long Delay After Password During ssh Login

Craig Johnson_1 · ‎04-04-2011

I'm seeing a 15-25 second delay after entering my password when logging in via ssh.

11.31 servers. Running Centrify but my account is excluded from it. Telnet shows no delay.

DNS appears to be configured correctly and reverse lookups of the box I'm coming from show no delay or issue.

ssh -vv hostname doesn't show any issue at all. Lots of "it worked".

I tried setting "UseDNS no" in the sshd_config, didn't help.

Any idea?

Steven E. Protter · ‎04-04-2011

Shalom,

Server being logged into needs an /etc/hosts entry for itself. This takes DNS delay out of the equation.

This is a pretty common problem with HP-UX.

If the inbound server is hostname stevesvr and its ip address is 192.168.0.20 an /etc/hosts entry like:

192.168.0.20 stevesvr stevesvr.yourdomain.com

Will do the trick.
The assumption here is /etc/nsswitch.conf is configured to look at files first. That is industry standard.

SEP

Steven E Protter
Owner of ISN Corporation
http://isnamerica.com
http://hpuxconsulting.com
Sponsor: http://hpux.ws
Twitter: http://twitter.com/hpuxlinux
Founder http://newdatacloud.com

Craig Johnson_1 · ‎04-04-2011

This is the server I'm logging into:

# grep b201u005 /etc/hosts
10.10.240.72 b201u005 b201u005.bg.na.jci.com

# ifconfig lan0
lan0: flags=1843
inet 10.10.240.72 netmask ffffffe0 broadcast 10.10.240.95

/etc/nsswitch.conf is set to hosts: files dns

Mel Burslan · ‎04-04-2011

since you mentioned ssh -vv I am assuming you did the -vvv (triple "v"'s) version. Does the wait happen after you get the

Authentication succeeded (password).

message or before ?

Assuming it happens after, what I would suggest is to put

set -x

line to the beginning of your .profile and .kshrc (assuming you are running ksh, if not, modify accordingly) and try to figure out where the hang-up is.

don't forget the

set +x at the end of each file as well

________________________________
UNIX because I majored in cryptology...

Abid Iqbal · ‎04-04-2011

Hi,
Please check and report the size of /var/adm/wtmps file.

Matti_Kurkela · ‎04-04-2011

Check the start-up time of your sshd daemon and compare it to the timestamps of your /etc/resolv.conf, /etc/nsswitch.conf and /etc/hosts files.

If those files have been modified since sshd was started, it is likely sshd is still using the old values.

MK

MK

himacs · ‎04-04-2011

Craig,

You can null the files /var/adm/wtmps and btmps.
Both files holds the user login related informations.wtmps is for successful logins and btmps is for failed logins.

Regards
himacs

Abid Iqbal · ‎04-04-2011

Ya, you are right himacs.
The same i asked to check. This will resolve the issue.

Craig Johnson_1 · ‎04-05-2011

Those files are huge:

b201u005:/var/adm > ll *tmps
-rw------- 1 root other 45637392 Apr 4 09:45 btmps
-rw-rw-r-- 1 adm adm 993000564 Apr 5 07:45 wtmps

I'm curious though, why would they affect ssh but not telnet?

Lee Kendrick · ‎04-05-2011

wtmps is for SSH / SFTP / SCP and wtmp is for telnet / FTP. Likewise the bad login files, btmps = SSH & btmp = telnet.

Categories

Company

Local Language

Forums

Discussions

Forums

Discussions

Discussions

Forums

Discussions

Forums

Discussions

Forums

Forums

Discussions

Forums

Discussions

Forums

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Community

Resources

Other HPE Sites

Discussions

Forums

Blogs

Re: Long Delay After Password During ssh Login

Long Delay After Password During ssh Login