Slow login via SSH

Hi Guys and Girls, I know this is a common question but I've searched and we've tried the suggestions without luck. When I log into the box via SSH from a Windows machine I get a 1 min 20 sec delay. If we add my IP address and machine name to /etc/hosts then I get an instant login. I would be happy with that as a solution except that it appears my IP keeps changing. Most of the posts I've looked at suggest this is a DNS issue which seems to fit as this machine times out if I type "nslookup bob" where on another server this returns instantly with an error. The timeout is 20 seconds which would indicate that when I log in it attempts to do 4 DNS lookups?

I'm guessing the answer to this is fix the DNS issue but that's not likely that easy. I don't know how this machine is connected to the network or even where in Australia the machine is located. It's a lab machine so likely doesn't have much access to anything. Assuming it can't reach a DNS server can I work around this somehow? I found a post suggesting we put "UseDNS no" in /etc/ssh/sshd_config but this didn't help for some reason.

Thanks,
Michael

After adding the UseDNS configuration, did you reload/restart SSH? Otherwise it won't have any effect.

What is the host OS?

Thanks for the replies,

uname -a says this:
SunOS xxxxxxxx 5.10 Generic_139555-08 sun4v sparc SUNW,T5440
I've removed the server name in case it's not something I should publish.

Pludi, we did try restarting sshd.

I faced problems with SSH delays on Solaris. Check the SSH package version. We removed it and installed the latest OpenSSH and it solved our problem.

pkgchk -l | grep -i ssh

Is there a MOTD that appears when you login?

Try doing an ssh -v or ssh -vv or ssh -vvv to view the 3 levels of debugging to determine where the system is getting stuck at.

Also what specs is your system running?

This might be a server DNS setting problem. Assuming it can't reach a DNS server, I suggest you use your previous method to solve it.

My first guess would have been the lookup; but a few useful steps in troubleshooting:

Start up another instance of sshd in debug mode. As root:

# ./sshd -ddd -p 922

In another window, start a snoop and collect information for Wireshark. You may not need it in the end, but better to collect as much info as possible:

# snoop -s 1500 -o /tmp/sshd.log port 922

(may have to use -d if using a particular interface)

Now you'll want to make 2 connections. First, connect from the Windows host, watch for errors or where it "blocks". You can then connect locally from the host and look at the difference. Good luck,

Keith Duffin

If the server cannot reach any DNS server then disable the use of DNS - /etc/nsswitch.conf

Sorry for the delay everyone, I've been busy the last week. There is a very stern motd warning me that I will go to jail if I push the wrong keys :) It doesn't appear until after the delay. When I debug with all 3 levels of debugging it pauses in pretty much the same 2 spots. I'm sure there's some information I can't print in all that so I'll have to post just the messages where it pauses:

debug2: we did not send a packet, disable method
debug3: authmethod_lookup keyboard-interactive
debug3: remaining preferred: password
debug3: authmethod_is_enabled keyboard-interactive
debug1: Next authentication method: keyboard-interactive
debug2: userauth_kbdint
debug2: we sent a keyboard-interactive packet, wait for reply
...... 20 second pause here

debug1: channel 0: new [client-session]
debug3: ssh_session2_open: channel_new: 0
debug2: channel 0: send open
debug1: Entering interactive session.
...... 20 second pause here

Does that help any?

With regards to the system specs how would I find out?

---------- Post updated at 03:57 PM ---------- Previous update was at 03:55 PM ----------

We did that and it worked, the problem is that I am NATed somewhere between here and the server and although my IP does not change the NAT IP does. So the fix only lasted a day or so.

---------- Post updated at 04:01 PM ---------- Previous update was at 03:57 PM ----------

We tried this and it halved the delay from 80 seconds down to 40. Does it still look in /etc/resolv.conf also? My thinking was there were 2 DNS servers in nsswitch.conf and 2 in resolv.conf so we have halved the number of lookups. Does that sound reasonable?

---------- Post updated at 04:03 PM ---------- Previous update was at 04:01 PM ----------

Thanks for the reply Keith. Unfortunately I wouldn't be able to get root access.

You don't have to have root if you use a non-privileged port. Just pick one above 1024... (assuming default config) 1922 for instance. The kicker will be firewalls allowing inbound requests, but that wouldn't stop you for some debugging. You could also use ssh's port forwarding to steer around the firewall if needs be.

I gave it a try but just running snoop I get permission denied. I guess if I run it via cygwin on this end it's not going to give me the info I need. It looks like this is pretty much a DNS issue based on the replies here.

Likely the case; it's the normal issue with ssh on Solaris, but not always. And sorry, yes, you can run sshd as a non-privileged user, but snoop does require root.
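
An added example, not part of the thread or from any poster: a small read-only audit of the three files discussed above (sshd_config, nsswitch.conf, resolv.conf) that reports whether a login can end up waiting on DNS. The function names and the sample files are assumptions constructed for illustration; point the last call at the real files under /etc to check a host.

```shell
#!/bin/sh
# Added example, not from the thread. Sample files at the bottom are constructed.

# Effective UseDNS value in an sshd_config: the first uncommented match wins and
# the keyword is case-insensitive. Prints "unset" (version default applies) if absent.
sshd_usedns() {
    awk 'tolower($1) == "usedns" { print tolower($2); found = 1; exit }
         END { if (!found) print "unset" }' "$1"
}

# Sources listed on the "hosts:" line of nsswitch.conf, comments stripped.
hosts_sources() {
    awk '$1 == "hosts:" { sub(/#.*/, ""); $1 = ""; sub(/^ +/, ""); print; exit }' "$1"
}

# Number of nameserver entries in resolv.conf.
nameserver_count() {
    awk '$1 == "nameserver" { n++ } END { print n + 0 }' "$1"
}

# Usage: login_dns_exposure SSHD_CONFIG NSSWITCH_CONF RESOLV_CONF
login_dns_exposure() {
    usedns=$(sshd_usedns "$1")
    servers=$(nameserver_count "$3")
    case " $(hosts_sources "$2") " in
        *" dns "*) via_dns=yes ;;
        *)         via_dns=no ;;
    esac
    if [ "$via_dns" = no ]; then
        verdict="resolver never queries DNS"
    elif [ "$usedns" = no ]; then
        verdict="sshd skips its reverse lookup; resolver still uses DNS elsewhere"
    else
        verdict="sshd may wait on DNS at login"
    fi
    echo "UseDNS=$usedns hosts_via_dns=$via_dns nameservers=$servers: $verdict"
}

# Constructed sample files standing in for the real ones under /etc.
demo=$(mktemp -d)
trap 'rm -rf "$demo"' EXIT
printf '#UseDNS yes\nPasswordAuthentication yes\n' > "$demo/sshd_config"
printf 'passwd: files\nhosts: files dns   # site default\n' > "$demo/nsswitch.conf"
printf 'nameserver 192.0.2.10\nnameserver 192.0.2.11\n' > "$demo/resolv.conf"
login_dns_exposure "$demo/sshd_config" "$demo/nsswitch.conf" "$demo/resolv.conf"
```

On Solaris 10, substitute nawk for awk, since the legacy /usr/bin/awk lacks sub() and tolower().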