Bill Tangren wrote:
Stephen Carville wrote:
Bill Tangren wrote:
Mahesh Pokala wrote:
Check /etc/resolv.conf for valid dns entries
Check /etc/nsswitch.conf for valid entries.
I don't see anything unusual in them, and I haven't changed them.
Also, they are the same as the same files on the other servers, and
those servers don't have this problem. I've tried this from several
different servers. I've also asked others to try, and they have the
same problem.
try ssh -vv user@wherever to see where the hang is happening.
[root@eunomia ~]# ssh -vv bjt@aa
OpenSSH_3.9p1, OpenSSL 0.9.7a Feb 19 2003
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Applying options for *
debug2: ssh_connect: needpriv 0
debug1: Connecting to aa [10.1.5.93] port 22.
debug1: Connection established.
debug1: permanently_set_uid: 0/0
debug1: identity file /root/.ssh/identity type -1
debug1: identity file /root/.ssh/id_rsa type -1
debug1: identity file /root/.ssh/id_dsa type -1
Then the 30 second pause... then
Still looks like name resolution problem. Just for S&G try putting yoru
machine and IP address in /etc/hosts and make sure yout host line in
nsswitch.conf includes files. AKA:
hosts: files dns
debug1: Remote protocol version 2.0, remote software version OpenSSH_3.9p1
debug1: match: OpenSSH_3.9p1 pat OpenSSH*
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_3.9p1
debug2: fd 3 setting O_NONBLOCK
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
and a lot of other stuff.
On the server try dig -x client.IP.add.ress to be sure reverse DNS works.
[root@aa ~]# dig -x eunomia.usno.navy.mil
; <<>> DiG 9.2.4 <<>> -x eunomia.usno.navy.mil
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 51067
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0
;; QUESTION SECTION:
;mil.navy.usno.eunomia.in-addr.arpa. IN PTR
;; Query time: 19 msec
;; SERVER: 10.1.1.5#53(10.1.1.5)
;; WHEN: Thu Oct 5 16:01:57 2006
;; MSG SIZE rcvd: 52
It seems to work just fine. I'm at a loss.
dig -x means IP address -> name mapping. Try it with your IP address
not your machine name.
Try setting UseDNS to No to disable lookups
Mahesh
-----Original Message-----
From: redhat-list-bounces@xxxxxxxxxx
[mailto:redhat-list-bounces@xxxxxxxxxx] On Behalf Of Bill Tangren
Sent: Thursday, October 05, 2006 1:29 PM
To: General Red Hat Linux discussion list
Subject: delay after ssh'ing into a server
I am having an odd problem with one of my RHEL servers. When I issue
the command to ssh into it:
$ ssh aa
there is a 30 second delay before I get the password prompt. I tried
deleting the appropriate line in ~/.ssh/known-hosts and trying it
again, but I still got a 30 second delay before I got this message:
The authenticity of host 'aa (10.1.5.93)' can't be established.
RSA key fingerprint is <a:long:hex:number>.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added 'aa,10.1.5.93' (RSA) to the list of known
hosts.
This is what the log looks like during this time:
Oct 5 14:52:30 aa xinetd[3098]: START: ssh pid=23524 from=10.1.5.58
Oct 5 18:53:12 aa sshd[23567]: Accepted password for bjt from
10.1.5.58 port
32818 ssh2
Oct 5 14:53:12 aa sshd[23524]: Accepted password for bjt from
10.1.5.58 port
32818 ssh2
Notice the 42 second time delay. The first line appeared in the log
just after I send the "ssh aa" command.
I must have done something to make the system delay after receiving
the connection request, but I can't imagine what. Googling turned up
nothing for me.
Any ideas?
Bill Tangren
--
redhat-list mailing list
unsubscribe mailto:redhat-list-request@xxxxxxxxxx?subject=unsubscribe
https://www.redhat.com/mailman/listinfo/redhat-list
--
Stephen Carville <stephen@xxxxxxxxxxxxxx>
Unix and Network Admin
Nationwide Totalflood
6033 W. Century Blvd
Los Angeles, CA 90045
310-342-3602
--
redhat-list mailing list
unsubscribe mailto:redhat-list-request@xxxxxxxxxx?subject=unsubscribe
https://www.redhat.com/mailman/listinfo/redhat-list
