From owner-freebsd-current@FreeBSD.ORG Fri Jan 30 09:10:34 2004 Return-Path: Delivered-To: freebsd-current@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id A3C2816A4CE for ; Fri, 30 Jan 2004 09:10:34 -0800 (PST) Received: from ack.Berkeley.EDU (ack.Berkeley.EDU [128.32.206.66]) by mx1.FreeBSD.org (Postfix) with ESMTP id 46B6843D2F for ; Fri, 30 Jan 2004 09:09:48 -0800 (PST) (envelope-from mhunter@ack.Berkeley.EDU) Received: (from mhunter@localhost) by ack.Berkeley.EDU (8.11.3/8.11.3) id i0UH9Vb10498; Fri, 30 Jan 2004 09:09:31 -0800 (PST) Date: Fri, 30 Jan 2004 09:09:31 -0800 From: Mike Hunter To: Randy Bush Message-ID: <20040130170931.GB5100@ack.Berkeley.EDU> References: Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: User-Agent: Mutt/1.4i cc: FreeBSD Current Subject: Re: ssh hang X-BeenThere: freebsd-current@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Discussions about the use of FreeBSD-current List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 30 Jan 2004 17:10:34 -0000 On Jan 30, "Randy Bush" wrote: I experienced this *same* hang from a 5.2-RELEASE (Thu Jan 22 04:51:45 PST 2004) box acting as the ssh server. I experienced the problem with clients from FBSD 5.1, redhat linux (?) and knoppix linux 3.3. The hang was at the exact same spot when running "ssh -v -v -v". Sorry to make the picture more confusing :| Mike > recently, i have been seeing a large pause when sshing into my -stable > systems from a -current. no problem between -stable systems > > > ssh on today's -current > sshd on two week old -stable > what would cause the giant pause? > > > % ssh -v myhost > OpenSSH_3.7.1p2 FreeBSD-20040106, SSH protocols 1.5/2.0, OpenSSL 0.9.7c 30 Sep 2003 > debug1: Reading configuration data /etc/ssh/ssh_config > debug1: Connecting to myhost.dom.ain [666.42.7.11] port 22. > debug1: Connection established. > debug1: identity file /usr/home/randy/.ssh/identity type 0 > debug1: identity file /usr/home/randy/.ssh/id_rsa type 1 > debug1: identity file /usr/home/randy/.ssh/id_dsa type 2 > debug1: Remote protocol version 2.0, remote software version OpenSSH_3.5p1 FreeBSD-20030924 > debug1: match: OpenSSH_3.5p1 FreeBSD-20030924 pat OpenSSH_3.2*,OpenSSH_3.3*,OpenSSH_3.4*,OpenSSH_3.5* > debug1: Enabling compatibility mode for protocol 2.0 > debug1: Local version string SSH-2.0-OpenSSH_3.7.1p2 FreeBSD-20040106 > debug1: SSH2_MSG_KEXINIT sent > debug1: SSH2_MSG_KEXINIT received > debug1: kex: server->client aes128-cbc hmac-md5 none > debug1: kex: client->server aes128-cbc hmac-md5 none > debug1: SSH2_MSG_KEX_DH_GEX_REQUEST sent > debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP > debug1: SSH2_MSG_KEX_DH_GEX_INIT sent > debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY > debug1: Host 'myhost.dom.ain' is known and matches the DSA host key. > debug1: Found key in /usr/home/randy/.ssh/known_hosts:18 > debug1: ssh_dss_verify: signature correct > debug1: SSH2_MSG_NEWKEYS sent > debug1: expecting SSH2_MSG_NEWKEYS > debug1: SSH2_MSG_NEWKEYS received > debug1: SSH2_MSG_SERVICE_REQUEST sent > debug1: SSH2_MSG_SERVICE_ACCEPT received > > <15-30 second pause> > > debug1: Authentications that can continue: publickey,password > debug1: Next authentication method: publickey > debug1: Offering public key: /usr/home/randy/.ssh/id_rsa > debug1: Authentications that can continue: publickey,password > debug1: Offering public key: /usr/home/randy/.ssh/id_dsa > debug1: Server accepts key: pkalg ssh-dss blen 435 > debug1: Authentication succeeded (publickey). > debug1: channel 0: new [client-session] > debug1: Entering interactive session. > debug1: Requesting X11 forwarding with authentication spoofing. > Last login: Thu Jan 29 23:12:14 2004 from roamer.dom.ain > Copyright (c) 1980, 1983, 1986, 1988, 1990, 1991, 1993, 1994 > The Regents of the University of California. All rights reserved. > > FreeBSD 4.9-STABLE (MYHOST) #14: Thu Jan 15 20:25:08 PST 2004 > > unauthorized access/use strictly forbidden