[Bug 3747] ssh with ldap user account slow every time, local accounts unaffected

bugzilla-daemon at mindrot.org bugzilla-daemon at mindrot.org
Fri Nov 1 20:40:22 AEDT 2024


https://bugzilla.mindrot.org/show_bug.cgi?id=3747

--- Comment #8 from Craig Emery <craig.emery at arm.com> ---
We made a discovery.

The permission on my authhorized_keys file was not 600, it was 644.

When set to 600, the delay vanished.

We think sshd is seeing the group readable permissions & then using PAM
/ LDAP to see what group users can read it & that takes time.

It seems odd to me that sshd then seems to allow the keys in that file
to be trusted.
I though if the permissions weren't 600 the file & the keys therein
would blanket not be trusted.

But at least we figured out the root cause.

-- 
You are receiving this mail because:
You are watching someone on the CC list of the bug.
You are watching the assignee of the bug.


More information about the openssh-bugs mailing list