HPE Community
Operating System - HP-UX
1836322 Members
2293 Online
110100 Solutions
New Discussion

Login taking too much time through ssh

 
Md. Shafiullah
Advisor

‎09-11-2005 06:22 PM

‎09-11-2005 06:22 PM

Login taking too much time through ssh

I use ssh to login a HPUX 11i server. When i give username it takes a long time (few minutes) to come the prompt that asks for password. I have traced a unusual line in syslog.log. Can u help?

Sep 11 16:41:21 test syslog: get_pwhist_config: Can not open /etc/default/security file. Default password history depth 1 is used.
0 Kudos
5 REPLIES 5
RAC_1
Honored Contributor

‎09-11-2005 06:35 PM

‎09-11-2005 06:35 PM

Re: Login taking too much time through ssh

Do you have /etc/default/security file??

Checks perms on /etc
/etc/default and /etc/default/security file.

Also what version of ssh do you use?? openssh or hp's ssh?? some versions of ssh use a combination of commands to generate the random number generation and this takes time.

To get around this, you can update to latest version, reduce the commands that are used to generate the random number. Also look at installing KRNG. (random number generation number product. This makes use of /dev/random and /dev/urandom)
There is no substitute to HARDWORK
0 Kudos
Md. Shafiullah
Advisor

‎09-11-2005 06:47 PM

‎09-11-2005 06:47 PM

Re: Login taking too much time through ssh

TQ for ur response.

I cant find the file /etc/default/security
I use putty for ssh login.

When I login from another HPUX machine using hp's ssh, it takes no time to login but when i use putty from my windows machine it takes too much time.

Could you suggest another ssh software that i can use except putty?



0 Kudos
RAC_1
Honored Contributor

‎09-11-2005 06:56 PM

‎09-11-2005 06:56 PM

Re: Login taking too much time through ssh

Agin. the delay is on due to putty. The delay may be on account of the time ssh takes to generate the random number. Random neumber is generated for ssh session and every ssh does that. (openssh, hp's ssh, etc)

And you did not inform on ssh version. Old ssh versions use few commands for random number generation and that delays the the whole process of setting a session.

So you have following options to try.
1. update ssh to latstet version. (version 4 i think)
2. use few commands to generate the random number. (speed up random number generation)
There is no substitute to HARDWORK
0 Kudos
Md. Shafiullah
Advisor

‎09-12-2005 05:26 PM

‎09-12-2005 05:26 PM

Re: Login taking too much time through ssh

Thanks RAC for your help. I have solved the problem. Actually the problem was with name resolution. The dns ip was wrong in /etc/resolve.conf file. Thats why it was taking so much to login.

Again thaks RAC for your response.

Shafi
0 Kudos
Steve Post
Trusted Contributor

‎09-13-2005 01:44 AM

‎09-13-2005 01:44 AM

Re: Login taking too much time through ssh

No. You're solved answer is not fully correct. You put a band-aid on the symtom, but ignored the cause.

The REAL answer is the the ssh program is running "netstat -i" as part of generating the random number. Fixing DNS to more quickly run "netstat -i"

If DNS changes, you might be back to square one.

You have 3 choices:
1. modify ????ssh/etc/ssh_prng_cmds to comment out that "netstat -i" command.
2. get a better random number generator.
3. wait for it to go slow down again.

You currently have chosen option #3.
0 Kudos
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.