Skip site navigation (1)Skip section navigation (2)
Date:      Fri, 9 Feb 2001 08:18:30 +1000
From:      "Doug Young" <dougy@gargoyle.apana.org.au>
To:        "Ted Mittelstaedt" <tedm@toybox.placo.com>, <Graham.Lillico@itnet.co.uk>, <freebsd-newbies@FreeBSD.ORG>
Subject:   Re: SSH
Message-ID:  <024f01c0921d$1d1cafa0$847e03cb@apana.org.au>
References:  <005501c091c5$70090cc0$1401a8c0@tedm.placo.com>

next in thread | previous in thread | raw e-mail | index | archive | help
yeah OK ......I'll certainly try that

----- Original Message -----
From: "Ted Mittelstaedt" <tedm@toybox.placo.com>
To: "Doug Young" <dougy@gargoyle.apana.org.au>;
<Graham.Lillico@itnet.co.uk>; <freebsd-newbies@FreeBSD.ORG>
Sent: Thursday, February 08, 2001 9:51 PM
Subject: RE: SSH


> You should still try the /etc/resolv.conf trick for testing
> even for the nameserver itself.  The nameserver daemon pays
> no attention to the contents of /etc/resolv.conf.  It's not
> a problem to set a nameserver so that you cannot lookup names
> from a command line.
>
> Ted Mittelstaedt                      tedm@toybox.placo.com
> Author of:          The FreeBSD Corporate Networker's Guide
> Book website:         http://www.freebsd-corp-net-guide.com
>
>
> > -----Original Message-----
> > From: owner-freebsd-newbies@FreeBSD.ORG
> > [mailto:owner-freebsd-newbies@FreeBSD.ORG]On Behalf Of Doug Young
> > Sent: Thursday, February 08, 2001 2:34 AM
> > To: Ted Mittelstaedt; Graham.Lillico@itnet.co.uk;
> > freebsd-newbies@FreeBSD.ORG
> > Subject: Re: SSH
> >
> >
> > That sounds a probable factor in many cases, however I get two minute
SSH
> > logins when the machine I'm logging into is the same as one of the
> > nameservers ... one of them is on my LAN only a matter of inches /
> > millimeters away.
> >
> > In all cases where I've used SSH, public IPs have been used at both
ends.
> > I've just put it down to the neanderthal phone network in OZ,
particularly
> > when its noticeably worse in peak times. I guess it could be that
> > two of the
> > three nameservers are "unavailable" within the timeout period.but
> > dunno why
> > the one on my LAN should be unavailable though.
> >
> > ----- Original Message -----
> > From: "Ted Mittelstaedt" <tedm@toybox.placo.com>
> > To: "Doug Young" <dougy@gargoyle.apana.org.au>;
> > <Graham.Lillico@itnet.co.uk>; <freebsd-newbies@FreeBSD.ORG>
> > Sent: Thursday, February 08, 2001 8:22 PM
> > Subject: RE: SSH
> >
> >
> > > I've seen the 2 minute login problem on systems before.
> > >
> > > What you want to do is on the system that your telnetting
> > > or SSHing _to_ is you want to temporarily rename /etc/resolv.conf
> > > to something else.  Then, logout and log back in.  If the
> > > 2 minute delay disappears (which most of the time this will
> > > fix it) then what is going on is that the FreeBSD system is
> > > seeing the incoming Telnet or SSH request from you and is
> > > then issuing a DNS lookup for the Reverse Address Record for
> > > the IP number that your coming in from - and the DNS server
> > > that it's using is timing out.  FreeBSD does this in order to
> > > write a log entry for the activity that contains the real name
> > > of the host, not just it's IP number.
> > >
> > > Most of the time DNS servers will fail on reverse address
> > > queries is because the authority responsible for numbering
> > > has not properly configured PTR lookups.  If it's a public
> > > IP number then the numbering authority is the ISP you got
> > > the number from.  If it's a RFC1918 number that you assigned,
> > > then your it.  And, note that simply having an empty PTR
> > > record for the IP number in the DNS is not going to produce
> > > this problem - the misconfiguration has to be more serious than
> > > that.  Common examples are ISP's that specify IP numbers of old
> > > nameservers in ARIN's records (that are subsequently taken down)
> > > or administrators that set up private DNS servers that cannot
> > > make PTR lookups.  (often for RFC1918 number ranges)
> > >
> > > The remaining time that the DNS lookups usually will fail is
> > > if an IP number for a nameserver that is specified in /etc/rc.conf
> > > is unreachable.
> > >
> > > Ted Mittelstaedt                      tedm@toybox.placo.com
> > > Author of:          The FreeBSD Corporate Networker's Guide
> > > Book website:         http://www.freebsd-corp-net-guide.com
> > >
> > >
> > > > -----Original Message-----
> > > > From: owner-freebsd-newbies@FreeBSD.ORG
> > > > [mailto:owner-freebsd-newbies@FreeBSD.ORG]On Behalf Of Doug Young
> > > > Sent: Thursday, February 08, 2001 1:26 AM
> > > > To: Graham.Lillico@itnet.co.uk; freebsd-newbies@FreeBSD.ORG
> > > > Subject: Re: SSH
> > > >
> > > >
> > > > As far as I know thats normal ..... every SSH login I've ever
> > > > seen has taken
> > > > about 2 minutes
> > > >
> > > > ----- Original Message -----
> > > > From: <Graham.Lillico@itnet.co.uk>
> > > > To: <freebsd-newbies@FreeBSD.ORG>
> > > > Sent: Thursday, February 08, 2001 7:21 PM
> > > > Subject: SSH
> > > >
> > > >
> > > > >
> > > > >
> > > > > Hi,
> > > > >
> > > > > Can anyone tell me why it is taking so long to log in via ssh, its
> > > > currently
> > > > > taking about 2 minutes from entering my password to getting a
shell
> > > > prompt, is
> > > > > this right? if not any ideas what could be causing it?
> > > > >
> > > > > Graham
> > > > >
> > > > >
> > > > >
> > > > >
> > > > >
> > > > ******************************************************************
> > > > **********
> > > > *******
> > > > > http://www.itnet.co.uk
> > > > > http://www.itnet.co.uk/eb  -  Click here to see ITNET's ebusiness
> > > > capabilities
> > > > >
> > > > > Any opinions expressed in this email are those of the individual
and
> > > > > not necessarily those of ITNET plc and/or its subsidiaries.
> > This email
> > > > > and any files transmitted with it, including replies and forwarded
> > > > > copies (which may contain alterations) subsequently transmitted
from
> > > > > ITNET plc and/or its subsidiaries, are confidential and
> > solely for the
> > > > > use of the intended recipient. If you are not the intended
recipient
> > > > > or the person responsible for delivering to the intended
> > recipient, be
> > > > > advised that  you have received this email in error and that any
use
> > > > > is strictly prohibited.
> > > > >
> > > > > If you have received this email in error please notify
> > ITNET Customer
> > > > Service
> > > > > Centre by telephone on +44 (0)121 683 4043 or via email to
> > > > > csccom@itnet.co.uk, including a copy of this message.
> > > > > Please then delete this email and destroy any copies of it.
> > > > >
> > > > ******************************************************************
> > > > **********
> > > > *******
> > > > >
> > > > >
> > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org
> > > > > with "unsubscribe freebsd-newbies" in the body of the message
> > > > >
> > > >
> > > >
> > > >
> > > > To Unsubscribe: send mail to majordomo@FreeBSD.org
> > > > with "unsubscribe freebsd-newbies" in the body of the message
> > > >
> > >
> >
> >
> >
> > To Unsubscribe: send mail to majordomo@FreeBSD.org
> > with "unsubscribe freebsd-newbies" in the body of the message
> >
>
>
>
> To Unsubscribe: send mail to majordomo@FreeBSD.org
> with "unsubscribe freebsd-newbies" in the body of the message
>



To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-newbies" in the body of the message




Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?024f01c0921d$1d1cafa0$847e03cb>