Slow ssh connect
Hi folks,
Before I start, I don't think this is the classic DNS issue (although I may not know enough to know that).

I have had an OpenBSD server for about a year now at a colo company. I'm using it to learn about OpenBSD things. All this time I have either connected via Windows 7 PuTTY or MacOS command line ssh. I have not had any issues doing it that way, and still don't.

The trouble is I have installed the default RHEL 7 on my iMac at home and the ssh connection to my OpenBSD server has that initial pause thing. I checked on the OpenBSD side and the UseDNS=no is in place (because it's the default).

I realize it is very strange for me to ask an obvious RHEL 7 question here on the OpenBSD forums. I just thought perhaps it might be something obvious that someone has encountered before. A Google search shows me all the UseDNS=no stuff, and when I eliminate that I don't find an obviously useful direction to go in.

I had a few ideas, like my RHEL 7 client might be trying all that GSSAPI stuff. I could disable that. Or it could be that my ed25519 key is somehow related to it. I could try using an RSA key. I just thought I'd ask first before trying random stuff.

Does anybody have any experience with this specific type of problem? I.e. only one O/S seems to connect with the annoying slow-pause, others connect and there is no pause.

V/r,
Bryan
|
|||
To clarify the thing that's bugging me. When I login via ssh (but only from RHEL 7), the initial ssh connection has a very annoying pause. Everything works, eventually, after the initial pause.
|
|
|||
The delay is caused by a failed reverse DNS lookup issue ;-)
There is an SSH setting called "UseDNS" that controls whether this reverse DNS lookup should be done. From sshd_config(5):
Code:
    UseDNS  Specifies whether sshd(8) should look up the remote host name,
            and to check that the resolved host name for the remote IP
            address maps back to the very same IP address.

            If this option is set to no (the default) then only addresses
            and not host names may be used in ~/.ssh/authorized_keys from
            and sshd_config Match Host directives.
You could run tcpdump on the server to monitor port 53 (named or DNS) UDP as well as TCP traffic. Then you can see the issue very clearly.
__________________
You don't need to be a genius to debug a pf.conf firewall ruleset, you just need the guts to run tcpdump |
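An added example, not part of the thread: the sshd_config(5) excerpt quoted above says that with UseDNS set to no, host names cannot be used in authorized_keys from= options or Match Host directives. The Python sketch below works out the effective global UseDNS value from a config text and lists the hostname patterns that depend on it; the function names and the sample config and key lines are constructed for illustration.

```python
import ipaddress
import re

def is_address_pattern(pat):
    """True if a pattern-list entry is an IP, a CIDR block or an address wildcard."""
    pat = pat.lstrip("!")                      # negated entries are still patterns
    try:
        ipaddress.ip_network(pat, strict=False)
        return True
    except ValueError:
        pass
    # Wildcarded addresses such as 192.0.2.* or 2001:db8:*
    return bool(re.fullmatch(r"[0-9.*?]+", pat) or
                (":" in pat and re.fullmatch(r"[0-9a-fA-F:.*?]+", pat)))

def config_lines(text):
    """Yield (keyword, argument) pairs; accepts 'Key value' and 'Key=value'."""
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        parts = re.split(r"\s*=\s*|\s+", line, maxsplit=1)
        yield parts[0].lower(), (parts[1] if len(parts) > 1 else "").strip('"')

def audit(sshd_config, authorized_keys):
    """Return (effective UseDNS, hostname patterns that cannot match when it is 'no')."""
    use_dns, findings = None, []
    for key, arg in config_lines(sshd_config):
        if key == "usedns" and use_dns is None:    # first occurrence wins
            use_dns = arg.lower()
        elif key == "match":
            words = arg.split()
            for crit, val in zip(words[::2], words[1::2]):
                if crit.lower() == "host":
                    findings += [("Match Host", p) for p in val.split(",")
                                 if not is_address_pattern(p)]
    use_dns = use_dns or "no"                      # default per the quoted man page
    for line in authorized_keys.splitlines():
        m = re.search(r'\bfrom="([^"]*)"', line)
        if m and not line.lstrip().startswith("#"):
            findings += [("authorized_keys from", p) for p in m.group(1).split(",")
                         if not is_address_pattern(p)]
    return use_dns, (findings if use_dns == "no" else [])

if __name__ == "__main__":
    cfg = "UseDNS=no\nMatch Host *.corp.example,192.0.2.0/24\n"   # constructed sample
    keys = 'from="10.0.0.*,build.example.org" ssh-ed25519 AAAA... ci\n'  # constructed
    print(audit(cfg, keys))
```

An empty findings list with UseDNS at no means nothing in the two files relies on reverse lookups, so the setting can stay off without changing access rules.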