From owner-freebsd-stable Thu Jul 4 1:12:54 2002 Delivered-To: freebsd-stable@freebsd.org Received: from mx1.FreeBSD.org (mx1.FreeBSD.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id DE39B37B400 for ; Thu, 4 Jul 2002 01:12:44 -0700 (PDT) Received: from smtp2.libero.it (smtp2.libero.it [193.70.192.52]) by mx1.FreeBSD.org (Postfix) with ESMTP id 151CC43E31 for ; Thu, 4 Jul 2002 01:12:44 -0700 (PDT) (envelope-from fcasadei@inwind.it) Received: from [62.98.214.215] (62.98.214.215) by smtp2.libero.it (6.5.015) id 3CFFF13800B6D239 for freebsd-stable@freebsd.org; Thu, 4 Jul 2002 10:12:42 +0200 Received: (qmail 1478 invoked by uid 1000); 4 Jul 2002 08:12:25 -0000 Date: Thu, 4 Jul 2002 10:12:25 +0200 From: Francesco Casadei To: freebsd-stable mailing list Subject: SSH very slow after buildworld on client machine Message-ID: <20020704101225.A1408@goku.kasby> Mail-Followup-To: freebsd-stable mailing list Mime-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-md5; protocol="application/pgp-signature"; boundary="mYCpIKhGyMATD0i+" Content-Disposition: inline User-Agent: Mutt/1.2.5i X-Operating-System: FreeBSD 4.6-STABLE i386 Sender: owner-freebsd-stable@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG --mYCpIKhGyMATD0i+ Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable I upgraded a machine from which I connect to a server using SSH. After the client upgrade, SSH connection takes a long time to setup (but it works as usual once the connection is established). I haven't updated the server yet. FreeBSD version - server: FreeBSD 4.6-STABLE #0: Thu Jun 20 22:30:33 CEST 2002 - client: FreeBSD 4.6-STABLE #0: Wed Jul 3 12:30:57 CEST 2002 SSH version - server: sshd version OpenSSH_2.9 FreeBSD localisations 20020307 - client: OpenSSH_2.9 FreeBSD localisations 20020307, SSH protocols 1.5/2.= 0, OpenSSL 0x0090601f Here's a log of an ssh connection for more information.=20 # ssh -v -v xxx.xxx.xxx.xxx. OpenSSH_2.9 FreeBSD localisations 20020307, SSH protocols 1.5/2.0, OpenSSL = 0x0090601f debug1: Reading configuration data /etc/ssh/ssh_config debug1: Applying options for * debug1: Rhosts Authentication disabled, originating port will not be truste= d. debug1: restore_uid debug1: ssh_connect: getuid 1000 geteuid 1000 anon 1 debug1: Connecting to xxx.xxx.xxx.xxx [xxx.xxx.xxx.xxx] port 22. debug1: temporarily_use_uid: 1000/1001 (e=3D1000) debug1: restore_uid debug1: temporarily_use_uid: 1000/1001 (e=3D1000) debug1: restore_uid debug1: Connection established. debug1: identity file /home/username/.ssh/id_rsa type -1 debug2: key_type_from_name: unknown key type '-----BEGIN' debug2: key_type_from_name: unknown key type 'Proc-Type:' debug2: key_type_from_name: unknown key type 'DEK-Info:' debug2: key_type_from_name: unknown key type '-----END' debug1: identity file /home/xxxxxxxx/.ssh/id_dsa type -1 debug1: Remote protocol version 2.0, remote software version OpenSSH_2.9 Fr= eeBSD localisations 20020307 debug1: match: OpenSSH_2.9 FreeBSD localisations 20020307 pat ^OpenSSH Enabling compatibility mode for protocol 2.0 debug1: Local version string SSH-2.0-OpenSSH_2.9 FreeBSD localisations 2002= 0307 debug1: SSH2_MSG_KEXINIT sent debug1: SSH2_MSG_KEXINIT received debug2: kex_parse_kexinit: diffie-hellman-group-exchange-sha1,diffie-hellma= n-group1-sha1 debug2: kex_parse_kexinit: ssh-rsa,ssh-dss debug2: kex_parse_kexinit: aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arc= four,aes192-cbc,aes256-cbc,rijndael128-cbc,rijndael192-cbc,rijndael256-cbc,= rijndael-cbc@lysator.liu.se debug2: kex_parse_kexinit: aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arc= four,aes192-cbc,aes256-cbc,rijndael128-cbc,rijndael192-cbc,rijndael256-cbc,= rijndael-cbc@lysator.liu.se debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,hmac-ripemd160,hmac-ripemd160= @openssh.com,hmac-sha1-96,hmac-md5-96 debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,hmac-ripemd160,hmac-ripemd160= @openssh.com,hmac-sha1-96,hmac-md5-96 debug2: kex_parse_kexinit: none debug2: kex_parse_kexinit: none debug2: kex_parse_kexinit:=20 debug2: kex_parse_kexinit:=20 debug2: kex_parse_kexinit: first_kex_follows 0=20 debug2: kex_parse_kexinit: reserved 0=20 debug2: kex_parse_kexinit: diffie-hellman-group-exchange-sha1,diffie-hellma= n-group1-sha1 debug2: kex_parse_kexinit: ssh-dss debug2: kex_parse_kexinit: aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arc= four,aes192-cbc,aes256-cbc,rijndael128-cbc,rijndael192-cbc,rijndael256-cbc,= rijndael-cbc@lysator.liu.se debug2: kex_parse_kexinit: aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arc= four,aes192-cbc,aes256-cbc,rijndael128-cbc,rijndael192-cbc,rijndael256-cbc,= rijndael-cbc@lysator.liu.se debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,hmac-ripemd160,hmac-ripemd160= @openssh.com,hmac-sha1-96,hmac-md5-96 debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,hmac-ripemd160,hmac-ripemd160= @openssh.com,hmac-sha1-96,hmac-md5-96 debug2: kex_parse_kexinit: none,zlib debug2: kex_parse_kexinit: none,zlib debug2: kex_parse_kexinit:=20 debug2: kex_parse_kexinit:=20 debug2: kex_parse_kexinit: first_kex_follows 0=20 debug2: kex_parse_kexinit: reserved 0=20 debug2: mac_init: found hmac-md5 debug1: kex: server->client aes128-cbc hmac-md5 none debug2: mac_init: found hmac-md5 debug1: kex: client->server aes128-cbc hmac-md5 none debug1: SSH2_MSG_KEX_DH_GEX_REQUEST sent debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP debug1: dh_gen_key: priv key bits set: 139/256 debug1: bits set: 1012/2049 debug1: SSH2_MSG_KEX_DH_GEX_INIT sent debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY debug1: Host 'xxx.xxx.xxx.xxx' is known and matches the DSA host key. debug1: Found key in /etc/ssh/ssh_known_hosts2:1 debug1: bits set: 1012/2049 debug1: len 55 datafellows 0 debug1: ssh_dss_verify: signature correct debug1: kex_derive_keys debug1: newkeys: mode 1 debug1: SSH2_MSG_NEWKEYS sent debug1: waiting for SSH2_MSG_NEWKEYS debug1: newkeys: mode 0 debug1: SSH2_MSG_NEWKEYS received debug1: done: ssh_kex2. debug1: send SSH2_MSG_SERVICE_REQUEST debug1: service_accept: ssh-userauth debug1: got SSH2_MSG_SERVICE_ACCEPT debug1: authentications that can continue: publickey,keyboard-interactive debug1: next auth method to try is publickey debug1: try privkey: /home/xxxxxxxx/.ssh/id_rsa debug1: try privkey: /home/xxxxxxxx/.ssh/id_dsa debug1: PEM_read_PrivateKey failed debug1: read PEM private key done: type Enter passphrase for key '/home/xxxxxxxx/.ssh/id_dsa':=20 debug1: read PEM private key done: type DSA debug1: sig size 20 20 debug2: we sent a publickey packet, wait for reply debug1: ssh-userauth2 successful: method publickey debug1: channel 0: new [client-session] debug1: channel_new: 0 debug1: send channel open 0 debug1: Entering interactive session. debug2: callback start debug1: client_init id 0 arg 0 debug2: tty_make_modes: ospeed 9600 debug2: tty_make_modes: ispeed 9600 debug2: tty_make_modes: 1 3 debug2: tty_make_modes: 2 28 debug2: tty_make_modes: 3 8 debug2: tty_make_modes: 4 21 debug2: tty_make_modes: 5 4 debug2: tty_make_modes: 6 255 debug2: tty_make_modes: 7 255 debug2: tty_make_modes: 8 17 debug2: tty_make_modes: 9 19 debug2: tty_make_modes: 10 26 debug2: tty_make_modes: 11 25 debug2: tty_make_modes: 12 18 debug2: tty_make_modes: 13 23 debug2: tty_make_modes: 14 22 debug2: tty_make_modes: 17 20 debug2: tty_make_modes: 18 15 debug2: tty_make_modes: 30 0 debug2: tty_make_modes: 31 0 debug2: tty_make_modes: 32 0 debug2: tty_make_modes: 33 0 debug2: tty_make_modes: 34 0 debug2: tty_make_modes: 35 0 debug2: tty_make_modes: 36 1 debug2: tty_make_modes: 38 1 debug2: tty_make_modes: 39 0 debug2: tty_make_modes: 40 0 debug2: tty_make_modes: 41 0 debug2: tty_make_modes: 50 1 debug2: tty_make_modes: 51 1 debug2: tty_make_modes: 53 1 debug2: tty_make_modes: 54 1 debug2: tty_make_modes: 55 1 debug2: tty_make_modes: 56 0 debug2: tty_make_modes: 57 0 debug2: tty_make_modes: 58 0 debug2: tty_make_modes: 59 1 debug2: tty_make_modes: 60 1 debug2: tty_make_modes: 61 1 debug2: tty_make_modes: 62 1 debug2: tty_make_modes: 70 1 debug2: tty_make_modes: 72 1 debug2: tty_make_modes: 73 0 debug2: tty_make_modes: 74 0 debug2: tty_make_modes: 75 0 debug2: tty_make_modes: 90 1 debug2: tty_make_modes: 91 1 debug2: tty_make_modes: 92 1 debug2: tty_make_modes: 93 0 debug1: channel request 0: shell debug2: callback done debug1: channel 0: open confirm rwindow 0 rmax 16384 debug2: channel 0: rcvd adjust 32768 debug1: client_input_channel_req: channel 0 rtype keepalive@openssh.com rep= ly 1 exit debug1: client_input_channel_req: channel 0 rtype exit-signal reply 0 debug1: channel 0: rcvd eof debug1: channel 0: output open -> drain debug1: channel 0: rcvd close debug1: channel 0: input open -> closed debug1: channel 0: close_read debug2: channel 0: no data after CLOSE ^Cdebug2: channel 0: no data after CLOSE debug1: channel 0: obuf empty debug1: channel 0: output drain -> closed debug1: channel 0: close_write debug1: channel 0: send close debug1: channel 0: is dead debug1: channel_free: channel 0: status: The following connections are open: #0 client-session (t4 r0 i8/0 o128/0 fd -1/-1) debug1: channel_free: channel 0: dettaching channel user Connection to xxx.xxx.xxx.xxx closed. debug1: Transferred: stdin 0, stdout 0, stderr 37 bytes in 58.5 seconds debug1: Bytes per second: stdin 0.0, stdout 0.0, stderr 0.6 debug1: Exit status -1 File /etc/ssh/ssh_config contains: Host * Protocol 2 HostbasedAuthentication no RhostsAuthentication no RhostsRSAAuthentication no RSAAuthentication no PasswordAuthentication no ChallengeResponseAuthentication no I don't think the problem is related to Dag-Erling Smorgrav's OpenSSH and= PAM updates, since I received the 'HEADS UP' message on -stable five hours and = half after the installworld. Any ideas? Francesco Casadei --=20 You can download my public key from http://digilander.liebero.it/fcasadei/ or retrieve it from a keyserver (pgpkeys.mit.edu, wwwkeys.pgp.net, ...) Key fingerprint is: 1671 9A23 ACB4 520A E7EE 00B0 7EC3 375F 164E B17B --mYCpIKhGyMATD0i+ Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.6 (FreeBSD) Comment: For info see http://www.gnupg.org iD8DBQE9JANpfsM3XxZOsXsRAjEMAJ0evc1HekA4G0C0egz9oM3TOYeEiQCgqysD BsqGaSMJ288F6yvqrUEo3bg= =0ypQ -----END PGP SIGNATURE----- --mYCpIKhGyMATD0i+-- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-stable" in the body of the message