From owner-freebsd-questions@FreeBSD.ORG Sun Jun 5 23:11:05 2005 Return-Path: X-Original-To: freebsd-questions@freebsd.org Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id D719016A41C for ; Sun, 5 Jun 2005 23:11:05 +0000 (GMT) (envelope-from phusion2k@gmail.com) Received: from rproxy.gmail.com (rproxy.gmail.com [64.233.170.196]) by mx1.FreeBSD.org (Postfix) with ESMTP id 4453643D48 for ; Sun, 5 Jun 2005 23:11:05 +0000 (GMT) (envelope-from phusion2k@gmail.com) Received: by rproxy.gmail.com with SMTP id a41so1768566rng for ; Sun, 05 Jun 2005 16:11:04 -0700 (PDT) DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws; s=beta; d=gmail.com; h=received:message-id:date:from:reply-to:to:subject:cc:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references; b=KyehtclminZdFpJSjIGV26EhQtODRF5WwP39AGi+4GfACqsEj/av++p26BeIwXKlElcLzR1UZCq9+hN6jqGCC2I1RgRSoChU2Gejeg6jNbEM5TWljCLPatEbUyZEmq/TSb+R6jLDyYBiKCybAz5FGmAePHyX8kLaecqAj26GX1c= Received: by 10.11.88.26 with SMTP id l26mr60887cwb; Sun, 05 Jun 2005 16:11:04 -0700 (PDT) Received: by 10.11.100.43 with HTTP; Sun, 5 Jun 2005 16:11:04 -0700 (PDT) Message-ID: Date: Sun, 5 Jun 2005 18:11:04 -0500 From: Phusion To: Robert Marella In-Reply-To: <42A37DE9.5040609@gmail.com> Mime-Version: 1.0 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: quoted-printable Content-Disposition: inline References: <42A37DE9.5040609@gmail.com> Cc: freebsd-questions@freebsd.org Subject: Re: ssh delays 40 seconds X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list Reply-To: Phusion List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 05 Jun 2005 23:11:06 -0000 I've noticed this same thing on one of the machines I've built in the last week. The machine is running FreeBSD 5.4-STABLE with OpenSSH 4.0p1. The delay is probably about 30 seconds. Also, the machine isn't being used by anyone at the time. This happens when connecting from one local machine to another local machine on the same LAN. On 6/5/05, Robert Marella wrote: > A little nudge is needed. All of a sudden, my attempts to ssh any of the > other computers in my SOHO take 40 seconds before I am prompted for a > password or pass-phrase. At that time I can log in and all is well. It > is consistent in all directions. >=20 > I have made NO changes to ssh or any other config file. I don't believe > it is dns because I can ping and connect quickly to inside and outside > locations using x.x.x.x or www.blah.org from all computers. >=20 > I have attached the output of ssh -vvv with comments as to were the > delay occurs. I need some help or direction as to what it all means. >=20 > I thank you >=20 > Robert >=20 > P.S I have also attached a network map. >=20 >=20 > [frankie] ~> ssh -vvv gateway > OpenSSH_3.8.1p1 FreeBSD-20040419, OpenSSL 0.9.7e 25 Oct 2004 > debug1: Reading configuration data /etc/ssh/ssh_config > debug2: ssh_connect: needpriv 0 > debug1: Connecting to gateway [10.0.0.1] port 22. > debug1: Connection established. > debug1: identity file /home/robert/.ssh/identity type -1 > debug3: Not a RSA1 key file /home/robert/.ssh/id_rsa. > debug2: key_type_from_name: unknown key type '-----BEGIN' > debug3: key_read: missing keytype > debug2: key_type_from_name: unknown key type 'Proc-Type:' > debug3: key_read: missing keytype > debug2: key_type_from_name: unknown key type 'DEK-Info:' > debug3: key_read: missing keytype > debug3: key_read: missing whitespace > debug3: key_read: missing whitespace > debug3: key_read: missing whitespace > debug3: key_read: missing whitespace > debug3: key_read: missing whitespace > debug3: key_read: missing whitespace > debug3: key_read: missing whitespace > debug3: key_read: missing whitespace > debug3: key_read: missing whitespace > debug3: key_read: missing whitespace > debug3: key_read: missing whitespace > debug3: key_read: missing whitespace > debug3: key_read: missing whitespace > debug2: key_type_from_name: unknown key type '-----END' > debug3: key_read: missing keytype > debug1: identity file /home/robert/.ssh/id_rsa type 1 > debug1: identity file /home/robert/.ssh/id_dsa type -1 > debug1: Remote protocol version 2.0, remote software version OpenSSH_3.8.= 1p1 FreeBSD-20040419 > debug1: match: OpenSSH_3.8.1p1 FreeBSD-20040419 pat OpenSSH* > debug1: Enabling compatibility mode for protocol 2.0 > debug1: Local version string SSH-2.0-OpenSSH_3.8.1p1 FreeBSD-20040419 > debug1: SSH2_MSG_KEXINIT sent > debug1: SSH2_MSG_KEXINIT received > debug2: kex_parse_kexinit: diffie-hellman-group-exchange-sha1,diffie-hell= man-group1-sha1 > debug2: kex_parse_kexinit: ssh-dss,ssh-rsa > debug2: kex_parse_kexinit: aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,a= rcfour,aes192-cbc,aes256-cbc,rijndael-cbc@lysator.liu.se,aes128-ctr,aes192-= ctr,aes256-ctr > debug2: kex_parse_kexinit: aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,a= rcfour,aes192-cbc,aes256-cbc,rijndael-cbc@lysator.liu.se,aes128-ctr,aes192-= ctr,aes256-ctr > debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,hmac-ripemd160,hmac-ripemd1= 60@openssh.com,hmac-sha1-96,hmac-md5-96 > debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,hmac-ripemd160,hmac-ripemd1= 60@openssh.com,hmac-sha1-96,hmac-md5-96 > debug2: kex_parse_kexinit: none,zlib > debug2: kex_parse_kexinit: none,zlib > debug2: kex_parse_kexinit: > debug2: kex_parse_kexinit: > debug2: kex_parse_kexinit: first_kex_follows 0 > debug2: kex_parse_kexinit: reserved 0 > debug2: kex_parse_kexinit: diffie-hellman-group-exchange-sha1,diffie-hell= man-group1-sha1 > debug2: kex_parse_kexinit: ssh-dss > debug2: kex_parse_kexinit: aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,a= rcfour,aes192-cbc,aes256-cbc,rijndael-cbc@lysator.liu.se,aes128-ctr,aes192-= ctr,aes256-ctr > debug2: kex_parse_kexinit: aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,a= rcfour,aes192-cbc,aes256-cbc,rijndael-cbc@lysator.liu.se,aes128-ctr,aes192-= ctr,aes256-ctr > debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,hmac-ripemd160,hmac-ripemd1= 60@openssh.com,hmac-sha1-96,hmac-md5-96 > debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,hmac-ripemd160,hmac-ripemd1= 60@openssh.com,hmac-sha1-96,hmac-md5-96 > debug2: kex_parse_kexinit: none,zlib > debug2: kex_parse_kexinit: none,zlib > debug2: kex_parse_kexinit: > debug2: kex_parse_kexinit: > debug2: kex_parse_kexinit: first_kex_follows 0 > debug2: kex_parse_kexinit: reserved 0 > debug2: mac_init: found hmac-md5 > debug1: kex: server->client aes128-cbc hmac-md5 none > debug2: mac_init: found hmac-md5 > debug1: kex: client->server aes128-cbc hmac-md5 none > debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<1024<8192) sent > debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP > debug2: dh_gen_key: priv key bits set: 129/256 > debug2: bits set: 519/1024 > debug1: SSH2_MSG_KEX_DH_GEX_INIT sent > debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY > debug3: check_host_in_hostfile: filename /home/robert/.ssh/known_hosts > debug3: check_host_in_hostfile: match line 1 > debug1: Host 'gateway' is known and matches the DSA host key. > debug1: Found key in /home/robert/.ssh/known_hosts:1 > debug2: bits set: 505/1024 > debug1: ssh_dss_verify: signature correct > debug2: kex_derive_keys > debug2: set_newkeys: mode 1 > debug1: SSH2_MSG_NEWKEYS sent > debug1: expecting SSH2_MSG_NEWKEYS > debug2: set_newkeys: mode 0 > debug1: SSH2_MSG_NEWKEYS received > debug1: SSH2_MSG_SERVICE_REQUEST sent > debug2: service_accept: ssh-userauth > debug1: SSH2_MSG_SERVICE_ACCEPT received > debug2: key: /home/robert/.ssh/identity (0x0) > debug2: key: /home/robert/.ssh/id_rsa (0x806f4d0) > debug2: key: /home/robert/.ssh/id_dsa (0x0) >=20 > ################################# > 40 second delay is right here! > ################################# >=20 > debug1: Authentications that can continue: publickey > debug3: start over, passed a different list publickey > debug3: preferred publickey,keyboard-interactive,password > debug3: authmethod_lookup publickey > debug3: remaining preferred: keyboard-interactive,password > debug3: authmethod_is_enabled publickey > debug1: Next authentication method: publickey > debug1: Trying private key: /home/robert/.ssh/identity > debug3: no such identity: /home/robert/.ssh/identity > debug1: Offering public key: /home/robert/.ssh/id_rsa > debug3: send_pubkey_test > debug2: we sent a publickey packet, wait for reply > debug1: Server accepts key: pkalg ssh-rsa blen 149 > debug2: input_userauth_pk_ok: fp 7d:24:8c:24:07:95:3f:87:ca:9f:83:14:fb:3= d:e8:76 > debug3: sign_and_send_pubkey > debug1: PEM_read_PrivateKey failed > debug1: read PEM private key done: type > Enter passphrase for key '/home/robert/.ssh/id_rsa': >=20 > em1 ________________________________________ em0 > 192.168.1.1| "GATEWAY" gateway/firewall/ntpd serv |DHCP > ________| Celeron 266MHz 384 MB RAM |_________ > | |________________________________________| | > | | aue0 | > ________|__ (((o))) | 10.0.0.1 _______|___= ______ > | Linksys | | | | Cable Mo= dem | > | BEFW-154 |_______| | | Road Run= ner | > |___WAP_____|192.168.1.100 | |___________= ______| > ________|__________________________________ > | HUB | > |___________________________________________| > | | | > | | | > ________________ ((o)) | | | _____________= _____ > |"HP" Pavillion | | | | | |"P4" ASUS MOB= O | > |Celeron N5310 | | | | | |P4P800E Pent = 4 | > |750MHz 256MB RAM|________| | | |______|2.6GHz 1GB RA= M | > | |ndis0 | | sk0|NFS Server = | > |________________|192.168.1.104 | | 10.0.0.103|_____________= _____| > | | > | | > _________________ ((o)) | | _____________= _____ > |"T2590" Toshiba | | | | |"SCSI" Mercur= y | > |2590CDT Celeron | | | | |KOB 630E MOBO= | > |400MHz 192MB RAM|________| | |________________|VIA C3 650MHz= CPU | > | |wi0 | rl0|686 512MB RAM= | > |________________|192.168.1.110 | 10.0.0.102|_____________= _____| > | > | > ________________ ((o)) | _____________= _____ > |"NCR" KU440EX | | | |"FRANKIE" Pen= t III| > |Celeron 266 MHz | | | |Mach Speed 69= 4TAS | > |384 MB RAM |________| |__________________________|1.1GHz 1.5GB = RAM | > | |wi0 rl0|NFS-Server = | > |________________|192.168.1.106 10.0.0.101|_____________= _____| >=20 >=20 >=20 >=20 >=20 > _______________________________________________ > freebsd-questions@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-questions > To unsubscribe, send any mail to "freebsd-questions-unsubscribe@freebsd.o= rg" >=20 >