Date: Tue, 8 Aug 2000 16:51:50 -0400 (EDT) From: rwatson@freebsd.org To: FreeBSD-gnats-submit@freebsd.org Subject: bin/20488: SSH timeout of 60 seconds is too low for many environments Message-ID: <200008082051.QAA43313@fledge.watson.org>
next in thread | raw e-mail | index | archive | help
>Number: 20488 >Category: bin >Synopsis: sshd default 60 second authentication timeout too low >Confidential: no >Severity: non-critical >Priority: medium >Responsible: freebsd-bugs >State: open >Quarter: >Keywords: >Date-Required: >Class: sw-bug >Submitter-Id: current-users >Arrival-Date: Tue Aug 08 14:00:00 PDT 2000 >Closed-Date: >Last-Modified: >Originator: Robert Watson >Release: FreeBSD 4.1-STABLE i386 >Organization: >Environment: 4.1-STABLE OpenSSH sshd laggy network with very slow DNS reverse lookups >Description: On slow networks, the default 60 second timeout for authentication can be too low to allow a connection to actually take place. Given that a lot has to happen in that 60 seconds, high latency or packet loss can prevent negotation from reaching a useful point. It is also the case that with a one-time password scheme with a trusted keying device, additional time is required to perform the authentication. >How-To-Repeat: DUMMYNET >Fix: Increase default timeout to 120 or more seconds. >Release-Note: >Audit-Trail: >Unformatted: To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-bugs" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200008082051.QAA43313>