OpenSSH login -- to slow?

OpenSSH login -- to slow?

Post by Paul D. Smit » Wed, 31 Jan 2001 08:44:01



I have a brand new VA Linux 2200 server, running Debian 2.2.  Speedy!
Woohoo!

One of the chores that this server will perform is to take over as an
ssh server for remote logins.

The current server is a SPARC classic (yes, that's right) with 32M RAM
running SunOS 4.1.4 (plus y2k patches).  Speedy?  Not!  It's running the
old free version of ssh from F-Secure (1.2.27 or somesuch, I forget).

The new one is running the version of OpenSSH currently in Debian 2.2
stable + security updates, 1.2.3-9.1 (that's OpenSSH 1.2.3, plus some
patches).

I have the new one all configured the same way and it works fine (it's
temporarily sitting in my office until I get it working completely, then
I'll replace the existing one).  I have ssh-agent set up on my system
and I can ssh to either system without needing a password.

Here's the thing: I can login to the old, crusty system twice as fast as
the new, super-speedy system!

Running this:

  $ time ssh oldserver echo hi
  hi

gives me a consistent real time of about 10.5 seconds, running it 10
times in a row.  But this:

  $ time ssh newserver echo hi
  hi

gives me a consistent real time of about 20 seconds!

What's going on here?  It can't be processing power, nor can it be
network issues (the new server is right next to me, on the network,
while the old one is a couple of hops away).  I've looked at sshd_config
and they're both set up the same way.

Is there anything I can do to decrease this extra latency?

--
-------------------------------------------------------------------------------

 "Please remain calm...I may be mad, but I am a professional." --Mad Scientist
-------------------------------------------------------------------------------
   These are my opinions---Nortel Networks takes no responsibility for them.

 
 
 

OpenSSH login -- to slow?

Post by Kaz Kylhe » Wed, 31 Jan 2001 11:59:13



Quote:>I have a brand new VA Linux 2200 server, running Debian 2.2.  Speedy!

[ snip ]

Quote:

>  $ time ssh newserver echo hi
>  hi

>gives me a consistent real time of about 20 seconds!

Maybe the server is trying to do a DNS reverse lookup that fails?
Turn on more logging. Also try an SSH newsgroup, like
comp.security.ssh!

 
 
 

OpenSSH login -- to slow?

Post by Eric P. McC » Wed, 31 Jan 2001 14:18:08



Quote:> Here's the thing: I can login to the old, crusty system twice as fast as
> the new, super-speedy system!
> Running this:
>   $ time ssh oldserver echo hi
> gives me a consistent real time of about 10.5 seconds, running it 10
> times in a row.  But this:
>   $ time ssh newserver echo hi
> gives me a consistent real time of about 20 seconds!

Yikes.  It takes 0.369s on my local computer, 2.412s on another
computer (and that includes the time required to type in my
password).

If you do `nslookup newserver' followed by `nslookup <newserver-ip>',
do you see the delay there as well?  Have you tried pinging or
tracerouting to look for dropped or misrouted packets?

None of this has anything much to do with Linux application
development, by the way.

--

  "Knowing that a lot of people across the world with Geocities sites
absolutely despise me is about the only thing that can add a positive
spin to this situation."  - Something Awful, 1/11/2001

 
 
 

OpenSSH login -- to slow?

Post by Grant Edwar » Wed, 31 Jan 2001 22:14:45



>> Here's the thing: I can login to the old, crusty system twice as fast as
>> the new, super-speedy system!

>> Running this:
>>   $ time ssh oldserver echo hi
>> gives me a consistent real time of about 10.5 seconds, running it 10
>> times in a row.  But this:
>>   $ time ssh newserver echo hi
>> gives me a consistent real time of about 20 seconds!

>Yikes.  It takes 0.369s on my local computer, 2.412s on another
>computer (and that includes the time required to type in my
>password).

>If you do `nslookup newserver' followed by `nslookup <newserver-ip>',
>do you see the delay there as well?  Have you tried pinging or
>tracerouting to look for dropped or misrouted packets?

The open-ssh client will try to use IPv6 by default, and only
fall back to IPv4 after it fails.  This caused my DNS server to
choke, resulting in 60 second connect times. Switching to IPv4
made things better. Try:

$ ssh -4 hostname

--
Grant Edwards                   grante             Yow!  ... I want to perform
                                  at               cranial activities with
                               visi.com            Tuesday Weld!!

 
 
 

1. slow login with openssh

Hi,

I am using openssh 2.5.1.0 from Bull website. When I try to log in from
a linux box (openssh 2.9) I have to wait several seconds (about ten).
When I switch to ssh -1, log in is done in about a second.

Before I used 2.5 on my linux box without this problem.

Does anyone know what has changed between these versions?

Many thanks in advance.
Matthias Moeller

2. Telnet blues

3. Newby (After 4.3.2 install, CDE LOGIN IS SLOW SLOW SLOW)

4. mmap & device memory

5. Openssh scp - slow transfer

6. - Anonymous ftp quotas

7. OpenSSH 3.1p1 one way slow

8. tcp/ip question

9. OpenSSH very slow

10. openssh slow /dev/random ?

11. Upgrade OpenSSH 2.9p2 to OpenSSH-4.2p1 on Solaris 8 for SPARC

12. Login on OpenSSH

13. OpenSSH 2.1.1 Not Updating Last Login