Mailinglist Archive: opensuse (1470 mails)

< Previous Next >
Re: [opensuse] Slow SSH connection
On 02/10/2016 09:54 AM, Anton Aylward wrote:
On 02/10/2016 09:25 AM, Ruben Safir wrote:


ssh -vvv -l ruben www.mrbrklyn.com /bin/true 2>tmp


OpenSSH_7.1p2, OpenSSL 1.0.2f 28 Jan 2016
debug1: Reading configuration data /etc/ssh/ssh_config
debug2: ssh_connect: needpriv 0
debug1: Connecting to www.mrbrklyn.com [96.57.23.82] port 22.
debug1: Connection established.
debug1: identity file /home/ruben/.ssh/id_rsa type 1
debug1: key_load_public: No such file or directory
debug1: identity file /home/ruben/.ssh/id_rsa-cert type -1
debug1: key_load_public: No such file or directory
debug1: identity file /home/ruben/.ssh/id_dsa type -1
debug1: key_load_public: No such file or directory
debug1: identity file /home/ruben/.ssh/id_dsa-cert type -1
debug1: key_load_public: No such file or directory

OK, as i said, I 'cheat', I use ssh-agent

anton@Mainbox:~> eval $(ssh-agent)
Agent pid 26106
anton@Mainbox:~> ssh-add
Enter passphrase for /home/anton/.ssh/id_rsa:
Identity added: /home/anton/.ssh/id_rsa (/home/anton/.ssh/id_rsa)

Oh, look! I have a 'id_rsa' style key, you don't.
Nor do you have a 'id_dsa' one.

How come?

ruben@www:~/.ssh> ls -al
total 52
drwx------ 2 ruben users 119 Nov 27 2014 .
drwxr-xr-x 127 ruben users 16384 Feb 10 10:32 ..
-rw-r--r-- 1 ruben users 407 Feb 14 2013 authoried_keys
-rw-r--r-- 1 ruben users 2386 Dec 27 2014 authorized_keys
-rw------- 1 ruben users 1679 Jan 20 2013 id_rsa
-rw-r--r-- 1 ruben users 391 Jan 20 2013 id_rsa.pub
-rw------- 1 ruben users 11572 Jan 21 2015 known_hosts
-rw-r--r-- 1 ruben users 2110 Jan 6 2013 known_hosts.old



which is the same files on my workstation, actually

[ruben@localhost ~]$ ls -al ./.ssh/
total 42
drwxrwxrwx 2 ruben users 200 Feb 9 03:33 .
drwxrwxrwx 186 ruben users 14160 Feb 10 09:24 ..
-rwxrwxrwx 1 ruben users 614 Nov 22 2014 authorized_keys
-rw------- 1 ruben users 1679 Dec 30 2014 id_rsa
-rwxrwxrwx 1 ruben users 395 Dec 30 2014 id_rsa.pub
-rwxrwxrwx 1 ruben users 2441 Feb 9 03:33 known_hosts
-rwxrwxrwx 1 ruben users 9894 Nov 22 2014 known_hosts.old

Perhaps that accounts for part of the delay?

authentication doesn't seem to be the problem.


Why don't you generate those keys?


debug1: identity file /home/ruben/.ssh/id_ecdsa type -1
debug1: key_load_public: No such file or directory
debug1: identity file /home/ruben/.ssh/id_ecdsa-cert type -1
debug1: key_load_public: No such file or directory

Oh, right, new and spiffy!

Have you done the following:

sudo ssh-keygen -t ecdsa -f /etc/ssh/ssh_host_ecdsa_key -N ”

Apparently not.




debug1: identity file /home/ruben/.ssh/id_ed25519 type -1
debug1: key_load_public: No such file or directory

We're running out of options and the clock is ticking ..



....
debug3: hostkeys_foreach: reading file "/home/ruben/.ssh/known_hosts"
debug3: record_hostkey: found key type ECDSA in file
/home/ruben/.ssh/known_hosts:3
debug3: load_hostkeys: loaded 1 keys from www.mrbrklyn.com
debug3: order_hostkeyalgs: prefer hostkeyalgs:
ecdsa-sha2-nistp256-cert-v01@xxxxxxxxxxx,ecdsa-sha2-nistp384-cert-v01@xxxxxxxxxxx,ecdsa-sha2-nistp521-cert-v01@xxxxxxxxxxx,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received

I wish this was time-stamped.




It works faster than the terminal can record it until it gets to the
interaction line, so there seems to be a problem with allocating a
resource, like a /dev/tty or a port or I don't know.

Ruben


--
So many immigrant groups have swept through our town
that Brooklyn, like Atlantis, reaches mythological
proportions in the mind of the world - RI Safir 1998
http://www.mrbrklyn.com

DRM is THEFT - We are the STAKEHOLDERS - RI Safir 2002
http://www.nylxs.com - Leadership Development in Free Software
http://www2.mrbrklyn.com/resources - Unpublished Archive
http://www.coinhangout.com - coins!
http://www.brooklyn-living.com

Being so tracked is for FARM ANIMALS and and extermination camps,
but incompatible with living as a free human being. -RI Safir 2013
--
To unsubscribe, e-mail: opensuse+unsubscribe@xxxxxxxxxxxx
To contact the owner, e-mail: opensuse+owner@xxxxxxxxxxxx

< Previous Next >
Follow Ups