
HP-UX SSH Authentication Lag

 
GloomDaemon
Occasional Advisor

HP-UX SSH Authentication Lag

Hi! I have a problem here and need help to fix it.
When I start an ssh session, I get a big lag in authentication.

Root@mmc2://#>ssh -v mmc2
OpenSSH_4.1, OpenSSL 0.9.7e 25 Oct 2004
HP-UX Secure Shell-A.04.10.002, HP-UX Secure Shell version
debug1: Reading configuration data /opt/ssh/etc/ssh_config
debug1: Connecting to mmc2 [192.168.0.2] port 22.
debug1: Connection established.
debug1: permanently_set_uid: 0/3
debug1: identity file /.ssh/id_rsa type -1
debug1: identity file /.ssh/id_dsa type -1

-> lag of 1-2 minutes.

debug1: Remote protocol version 2.0, remote software version OpenSSH_4.1
debug1: match: OpenSSH_4.1 pat OpenSSH*
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_4.1
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: server->client aes128-cbc hmac-md5 none
debug1: kex: client->server aes128-cbc hmac-md5 none
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<1024<8192) sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY
debug1: Host 'mmc2' is known and matches the RSA host key.
debug1: Found key in /.ssh/known_hosts:2
debug1: ssh_rsa_verify: signature correct
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: SSH2_MSG_SERVICE_REQUEST sent
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: publickey,password,keyboard-interactive,hostbased
debug1: Next authentication method: publickey
debug1: Trying private key: /.ssh/id_rsa
debug1: Trying private key: /.ssh/id_dsa
debug1: Next authentication method: keyboard-interactive
debug1: Authentications that can continue: publickey,password,keyboard-interactive,hostbased
debug1: Next authentication method: password
root@mmc2's password:


After that everything works fine. What causes this lag? Has anybody met the same problem and solved it? How? I have HP-UX 11.0 on a C9000 L3000 class server here. I checked the hosts files; all IPs are present there. nslookup works fine. But the problem exists.
RAC_1
Honored Contributor
Solution

Re: HP-UX SSH Authentication Lag

Check this thread.
http://forums1.itrc.hp.com/service/forums/questionanswer.do?threadId=780226

Old versions of ssh use some commands to generate the random number (required in the ssh process). Remove some of the commands used for random number generation and it should be OK.

Another option is to upgrade.
There is no substitute to HARDWORK
Fabio Ettore
Honored Contributor

Re: HP-UX SSH Authentication Lag

Hi Gloom,

Are you sure you are using the same SSH version on both systems?
I know that there could be a delay on connection between one system with SSH2 and another with SSH1, since the authentication algorithm is different. If so, just try to install the same version on both nodes.

HTH.

Best regards,
Fabio
WISH? IMPROVEMENT!
Arunvijai_4
Honored Contributor

Re: HP-UX SSH Authentication Lag

PRNGD could be the cause. Do you have PRNGD installed on your server? Just check with:

# swlist |grep -i "prng"

-Arun
"A ship in the harbor is safe, but that is not what ships are built for"
GloomDaemon
Occasional Advisor

Re: HP-UX SSH Authentication Lag

-> Arun: PRNGD is not installed.
-> Fabio Ettore: The versions are different, because I have two HP-UX servers and some small Linux machines. The versions on the HP-UX servers are the same and the versions on the Linux machines are the same, but they differ from each other.
But when I connect from HP-UX to its own localhost I get the lag too. But I am connecting to the same machine, so the version must be the same...
RAC_1
Honored Contributor

Re: HP-UX SSH Authentication Lag

Your other server seems to be version 2 and the local one version 1.
Why not just do ssh -1 "remote_server"?

Also, nslookup on host_name and host_ip should be OK. In the sshd config file, why not set the preferred authentication method to public key?
There is no substitute to HARDWORK
GloomDaemon
Occasional Advisor

Re: HP-UX SSH Authentication Lag

I found the source of the problem. It was the /opt/ssh/etc/ssh_prng_cmds file.

You just need to erase some commands from it, like this:

# entropy gathering commands

# Format is: "program-name args" path rate

# The "rate" represents the number of bits of usuable entropy per
# byte of command output. Be conservative.
#
# $Id: ssh_prng_cmds.in,v 1.8 2002/07/14 21:43:58 tim Exp $

"ls -alni /usr/adm" /usr/bin/ls 0.02
"ls -alni /etc/mail" /usr/bin/ls 0.02
"ls -alni /usr/mail" /usr/bin/ls 0.02
"ls -alti /usr/adm/syslog" /usr/bin/ls 0.02
"ls -alti /var/adm/syslog" /usr/bin/ls 0.02
"ls -alti /usr/bin" /usr/bin/ls 0.02
"ls -alti /usr/tmp" /usr/bin/ls 0.02
"ls -alti /opt" /usr/bin/ls 0.02
#"ps -al" /usr/bin/ps 0.03
#"ps -ex" /usr/bin/ps 0.03
#"who am i" /usr/bin/who 0.01
#"vmstat" /usr/bin/vmstat 0.01
#"tail -100 /var/adm/syslog" /usr/bin/tail 0.01
#"tail -100 /var/adm" /usr/bin/tail 0.01
#"tail -100 /var/adm/syslog/mail.log" /usr/bin/tail 0.01
"ls -alni /dev/log" /usr/bin/ls 0.02
"ls -alni /var/adm" /usr/bin/ls 0.02
"ls -alni /var/adm/syslog" /usr/bin/ls 0.02
"ls -alni /usr/adm/syslog" /usr/bin/ls 0.02
"ls -alni /usr/bin" /usr/bin/ls 0.02
"ls -alni /tmp" /usr/bin/ls 0.02
"ls -alni /var/tmp" /usr/bin/ls 0.02
"ls -alni /usr/tmp" /usr/bin/ls 0.02
"ls -alti /dev/log" /usr/bin/ls 0.02
"ls -alti /var/adm" /usr/bin/ls 0.02
"ls -alti /etc/mail" /usr/bin/ls 0.02
"ls -alti /tmp" /usr/bin/ls 0.02
"ls -alti /var/tmp" /usr/bin/ls 0.02
#"netstat -an" /usr/bin/netstat 0.05
#"ps laxww" /usr/bin/ps 0.03
#"ps -efl" /usr/bin/ps 0.03
#"w" /usr/bin/w 0.05
#"who -u" /usr/bin/who 0.01
#"last" /usr/bin/last 0.01
#"last log" /usr/bin/last 0.01
#"uptime" /usr/bin/uptime 0.01
#"ipcs -a" /usr/bin/ipcs 0.01
#"tail -100 /var/adm/syslog/syslog.log" /usr/bin/tail 0.01
#"tail -100 /var/adm/syslog/syslog.log" /usr/bin/tail 0.01
#"sar -d 1 2" /usr/sbin/sar 0.04
#"netstat -rn" /usr/bin/netstat 0.05
#"netstat -n" /usr/bin/netstat 0.05
#"netstat -s" /usr/bin/netstat 0.05
#"netstat -is" /usr/bin/netstat 0.05
#"arp -a" /usr/sbin/arp 0.02

This allows the problem to be avoided. It seems that their slow execution causes the problem.
Thanks, all!
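
The following is an added example, not part of the thread and not HP's or OpenSSH's own tooling: a shell function that runs each active entry of an ssh_prng_cmds-format file, times it, and reports the entropy the file's "rate" credits it with, so the cost of an entry is visible before it is commented out. The function names, the 2-second threshold and the sample entries are assumptions made for illustration.

```shell
#!/bin/sh
# Added example (not from the thread): time every active entry of an
# ssh_prng_cmds-format file and estimate the entropy it is credited with.
# Entry format, per the file header above: "program-name args" path rate

now() {  # whole seconds; ksh/bash keep SECONDS, else assume date supports +%s
    if [ -n "${SECONDS:-}" ]; then echo "$SECONDS"; else date +%s; fi
}

# profile_prng_cmds FILE [SLOW_SECONDS]
# Output per entry: STATUS seconds bytes credited-bits "command"
profile_prng_cmds() {
    file=$1; slow=${2:-2}
    while IFS= read -r line; do
        case $line in
            \"*) ;;          # active entries start with a double quote
            *) continue ;;   # skip comments (disabled entries) and blank lines
        esac
        cmd=${line#\"}; cmd=${cmd%%\"*}     # text between the quotes
        rest=${line#\"*\"}                  # remaining fields: path rate
        set -- $rest; path=$1; rate=$2
        case $cmd in *" "*) args=${cmd#* } ;; *) args= ;; esac
        if [ ! -x "$path" ]; then
            printf 'MISSING - - - "%s" (%s)\n' "$cmd" "$path"; continue
        fi
        t0=$(now)
        # stdin comes from /dev/null so the command cannot eat the loop's input
        bytes=$(( $("$path" $args </dev/null 2>/dev/null | wc -c) ))
        t1=$(now)
        secs=$((t1 - t0))
        bits=$(awk -v b="$bytes" -v r="$rate" 'BEGIN { printf "%.2f", b * r }')
        if [ "$secs" -ge "$slow" ]; then status=SLOW; else status=ok; fi
        printf '%s %ss %sB %sbits "%s"\n' "$status" "$secs" "$bytes" "$bits" "$cmd"
    done < "$file"
}

# Constructed sample (not the poster's file): one quick entry, one disabled
# entry, and one deliberately slow entry standing in for a stalled command.
write_sample() {
    cat > "$1" <<EOF
# entropy gathering commands
"ls -d /" $(command -v ls) 0.02
#"netstat -an" /usr/bin/netstat 0.05
"sleep 3" $(command -v sleep) 0.01
EOF
}

if [ $# -gt 0 ]; then profile_prng_cmds "$@"; fi
```

Run it as `sh script.sh /opt/ssh/etc/ssh_prng_cmds` on the affected host; entries marked SLOW are the candidates for disabling, and the bits column shows how much credited entropy goes with each one.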