[kwlug-disc] ssh takes 5 minutes to connect
Ronald Barnes
ron at ronaldbarnes.ca
Mon Jul 25 05:12:54 EDT 2022
Alex K wrote on 2022-07-24 20:06:
> Try "UseDNS no" in sshd_config ?
Thanks.
That setting is explicitly set in sshd_config (and is the default).
Hasn't seemed to make any difference.
The only thing that makes a difference is this:
> UsePAM No
And it's driving me crazy, going down a rabbit hole of PAM settings
(which shouldn't have changed unless through system update at some point).
Verbose output at hang point:
Client side:
> debug1: Authentication succeeded (publickey).
> Authenticated to 10.60.42.12 ([10.60.42.12]:10022).
> debug1: channel 0: new [client-session]
> debug1: Requesting no-more-sessions at openssh.com
> debug1: Entering interactive session.
> debug1: pledge: network
Server side:
> Accepted publickey for XXX from 10.1.2.9 port 50008 ssh2: RSA
SHA256:ONh0aG+HWRsxRPGQf5lbe7l7sR/UB0ZuH5FKC0uxEn8
> debug1: monitor_child_preauth: XXX has been authenticated by
privileged process
> debug3: mm_get_keystate: Waiting for new keys
> debug3: mm_request_receive_expect entering: type 26
> debug3: mm_request_receive entering
> debug3: mm_get_keystate: GOT new keys
> debug1: auth_activate_options: setting new authentication options
[preauth]
> debug2: userauth_pubkey: authenticated 1 pkalg rsa-sha2-512 [preauth]
> debug3: user_specific_delay: user specific delay 0.000ms [preauth]
> debug3: ensure_minimum_time_since: elapsed 0.798ms, delaying 8.038ms
(requested 8.836ms) [preauth]
> debug3: mm_do_pam_account entering [preauth]
> debug3: mm_request_send entering: type 102 [preauth]
> debug3: mm_request_receive_expect entering: type 103 [preauth]
> debug3: mm_request_receive entering [preauth]
> debug3: mm_do_pam_account returning 1 [preauth]
> debug3: send packet: type 52 [preauth]
> debug3: mm_request_send entering: type 26 [preauth]
> debug3: mm_send_keystate: Finished sending state [preauth]
> debug1: monitor_read_log: child log fd closed
> debug3: ssh_sandbox_parent_finish: finished
> debug1: PAM: establishing credentials
> debug3: PAM: opening session
> debug2: do_pam_session: auth information in SSH_AUTH_INFO_0
More information about the kwlug-disc
mailing list