HPE Community read-only access December 15, 2018
This is a maintenance upgrade. You will be able to read articles and posts, but not post or reply.
Hours:
Dec 15, 4:00 am to 10:00 am UTC
Dec 14, 10:00 pm CST to Dec 15, 4:00 am CST
Dec 14, 8:00 pm PST to Dec 15, 2:00 am PST
cancel
Showing results for 
Search instead for 
Did you mean: 

slow SSH

 
SOLVED
Go to solution
dictum9
Super Advisor

slow SSH

I installed new version OpenSSH 5.5 on hp-ux 11.23.

When I ssh to that machine with new SSH version, it takes about 10-12 seconds to get there. Much slower.

Telnet is fine, there are no DNS issues as far as I can tell.

I have other machines with identical sshd_config file that do not have that issue.

Any idea what's going on?
3 REPLIES
Steven E. Protter
Exalted Contributor
Solution

Re: slow SSH

Shalom,

If the only change factor is openssh, then bad software is the likely cause.

Did you get openssh from http://software.hp.com where it is named secure shell? If yes, report the problem and wait for a new version.

SEP
Steven E Protter
Owner of ISN Corporation
http://isnamerica.com
http://hpuxconsulting.com
Sponsor: http://hpux.ws
Twitter: http://twitter.com/hpuxlinux
Founder http://newdatacloud.com
Bill Hassell
Honored Contributor

Re: slow SSH

There are two areas where ssh can slow down. The first is the remote server. It must do a lot of computing so if it is a very slow D350 or K320, then the random number computation will be very slow -- all connections to these machines will appear to be slow to start.

The second is address resolution and DNS is very often the culprit. nslookup is not enough. Like telnet and rlogin, the ssh code will try to validate the hostname *and* the IP address. This means that the DNS server must store both records. But when the DNS server is managed by Windows admins, they often fail to add the reverse lookup records.

For servers, I never rely on DNS as the first authority. Use /etc/hosts first, then DNS and don't search unavailable services such as NIS or LDAP. Do this by editing the lines in /etc/nsswitch.conf:

hosts: files [NOTFOUND=continue UNAVAIL=continue] dns
ipnodes: files [NOTFOUND=continue UNAVAIL=continue] dns

Now populate /etc/hosts with the servers you'll be contacting along with PCs and MACs that connect often.

Also check DNS with nsquery rather than nslookup:

nsquery hosts itrc.hp.com
nsquery hosts 15.217.80.218


Bill Hassell, sysadmin
SUDHAKAR_18
Trusted Contributor

Re: slow SSH

pls check the size of /var/adm/wtmps file.

have you restarted the sshd services after upgrade ?