Re: ssh is very slow

Henry F. Johnson · ‎05-08-2008

The server is a N-4000/440 running HP-UX 11i v2, configured to use ssh with a non-standard port. Telnet, ftp respond correctly, it's just ssh which takes approximately 35 to 50 seconds to complete the connection. We're using DNS and I've already tried nslookup on both the hostname and IP address. The output returns correctly and almost immediately.

Steven E. Protter · ‎05-08-2008

Shalom,

It could be a DNS response problem anyway.

Try the connection via IP address.

Then hostname.

If it is still a problem then.

swlist -l product | grep secure

This will give you your version of Secure Shell, which is actually just HP's port of openssh.

Consider an update from http://software.hp.com search for secure shell.

Also check the target server for issues.

SEP

Steven E Protter
Owner of ISN Corporation
http://isnamerica.com
http://hpuxconsulting.com
Sponsor: http://hpux.ws
Twitter: http://twitter.com/hpuxlinux
Founder http://newdatacloud.com

Steven Schweda · ‎05-08-2008

> [...] I've already tried nslookup on both
> the hostname and IP address. [...]

Tried where? Which host name? Which IP
address? As usual, a transcript showing
actual commands with actual output might be
more helpful than vague and ambiguous
descriptions.

The usual DNS problem is a reverse
(number-to-name) look-up of the client, on
the server.

Adding "-v" to the "ssh" command (also not
disclosed) might give some idea of who's
doing what when.

Henry F. Johnson · ‎05-09-2008

To clarify i use nslookup 10.5.13.50 and nslookup quars703. Either way the output returns with no delay, and the information is correct. Below is the output from the swlist command:
quars703(root):/root> swlist -l product |grep Secure
Secure_Shell A.04.50.021 HP-UX Secure Shell
openssl A.00.09.07l.007 Secure Network Communications Protocol

Henry F. Johnson · ‎05-09-2008

Here is the output from ssh -v command:

quars703(root):/root> ssh -v cocn01
OpenSSH_4.5p1+sftpfilecontrol-v1.1-hpn12v14, OpenSSL 0.9.7l 28 Sep 2006
HP-UX Secure Shell-A.04.50.021, HP-UX Secure Shell version
debug1: Reading configuration data /opt/ssh/etc/ssh_config
debug1: Connecting to cocn01 [10.5.13.73] port 1800.
debug1: Connection established.
debug1: permanently_set_uid: 0/3
debug1: identity file /root/.ssh/id_rsa type -1
debug1: identity file /root/.ssh/id_dsa type -1
debug1: Remote protocol version 2.0, remote software version OpenSSH_4.7p1+sftpfilecontrol-v1.2-hpn12v17
debug1: match: OpenSSH_4.7p1+sftpfilecontrol-v1.2-hpn12v17 pat OpenSSH*
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_4.5p1+sftpfilecontrol-v1.1-hpn12v14
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: server->client aes128-cbc hmac-md5 none
debug1: kex: client->server aes128-cbc hmac-md5 none
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<1024<8192) sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY
debug1: Host '[cocn01]:1800' is known and matches the RSA host key.
debug1: Found key in /root/.ssh/known_hosts:1
debug1: ssh_rsa_verify: signature correct
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: SSH2_MSG_SERVICE_REQUEST sent
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: publickey,password,keyboard-interactive
debug1: Next authentication method: publickey
debug1: Trying private key: /root/.ssh/id_rsa
debug1: Trying private key: /root/.ssh/id_dsa
debug1: Next authentication method: keyboard-interactive
Password:
debug1: Authentication succeeded (keyboard-interactive).
debug1: Final hpn_buffer_size = 131072
debug1: channel 0: new [client-session]
debug1: Entering interactive session.

Steven Schweda · ‎05-09-2008

> Tried where? [...]

> [...] on
> the server.

> To clarify i use nslookup 10.5.13.50 and
> nslookup quars703.

Where? On quars703 or on cocn01? It needs
to work on the SSH server (cocn01).

> Here is the output from ssh -v command:

Where does it pause?

Henry F. Johnson · ‎05-09-2008

The nslookup was tried on both the server (quars703) and on various target servers (cocn01, quars700, and others). The ssh -v command paused at this line: debug1: Reading configuration data /opt/ssh/etc/ssh_config.

Steven Schweda · ‎05-09-2008

> The nslookup was tried [...]

If you supplied actual evidence, trust
(always scarce) would not be required.

> { ...] paused at this line: [...]

So, just _before_ "debug1: Connecting to
cocn01 [10.5.13.73] port 1800."? Sure
_sounds_ like a DNS problem, unless the
server is particularly slow to start the sshd
on its end (fow what reason, I can't guess).

Anything informative in the system log files
on the server?

Henry F. Johnson · ‎05-12-2008

Here is the output from the nslookup command:

Connection to quars700 closed.
quars703(root):/root> nslookup -q=A quars700
Name Server: qwars104loc.columbus.local
Address: 10.5.10.162

Trying DNS
Name: quars700.columbus.local
Address: 10.5.13.46

quars703(root):/root> nslookup 10.5.13.46
Name Server: qwars104loc.columbus.local
Address: 10.5.10.162

Trying DNS
Name: quars700.columbus.local
Address: 10.5.13.46

quars703(root):/root> nslloup -q=PTR quars703
/sbin/sh: nslloup: not found.
quars703(root):/root> nslookup -q=PTR quars703
Name Server: qwars104loc.columbus.local
Address: 10.5.10.162

Trying DNS
columbus.local
origin = qwars104loc.columbus.local
mail addr = hostmaster.columbus.local
serial = 206100
refresh = 900 (15M)
retry = 600 (10M)
expire = 86400 (1D)
minimum ttl = 3600 (1H)
quars703(root):/root> nslookup -q=PTR 10.5.13.46
Name Server: qwars104loc.columbus.local
Address: 10.5.10.162

Trying DNS
46.13.5.10.in-addr.arpa name = quars700.columbus.local
quars703(root):/root> nslookup 10.5.13.50
Name Server: qwars104loc.columbus.local
Address: 10.5.10.162

Trying DNS
Name: quars703.columbus.local
Address: 10.5.13.50

You have mail in /var/mail/root
quars703(root):/root> nslookup quars703
Name Server: qwars104loc.columbus.local
Address: 10.5.10.162

Trying DNS
Name: quars703.columbus.local
Address: 10.5.13.50

quars703(root):/root>

Steven Schweda · ‎05-12-2008

> quars703(root):/root> ssh -v cocn01
> [...]
> debug1: Connecting to cocn01 [10.5.13.73] port 1800.
> [...]

> Where? On quars703 or on cocn01? It needs
> to work on the SSH server (cocn01).

> Here is the output from the nslookup command:

I'm getting old, and neither my vision nor my
brain is what it once was, but I'm missing
the part where you tested the DNS on the SSH
server, cocn01 (10.5.13.73).

Henry F. Johnson · ‎05-12-2008

Here is the output from cocn01 using nslookup:

cocn01(root):/root> nslookup 10.5.13.50
Name Server: qwars103loc.columbus.local
Address: 10.5.10.161

Trying DNS
Name: quars703.columbus.local
Address: 10.5.13.50

cocn01(root):/root> nslookup quars703
Name Server: qwars103loc.columbus.local
Address: 10.5.10.161

Trying DNS
Name: quars703.columbus.local
Address: 10.5.13.50

cocn01(root):/root>

Safarali · ‎05-13-2008

The reason may be due to the latest SSH patches

restart ssh daemon on both server
if not update your ssh or install latest patches

Regards
Safar

Categories

Company

Local Language

Forums

Discussions

Forums

Discussions

Forums

Discussions

Forums

Discussions

Forums

Discussions

Discussions

Forums

Forums

Discussions

Forums

Discussions

Forums

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Community

Resources

Other HPE Sites

Discussions

Forums

Blogs

Re: ssh is very slow

ssh is very slow