Slow connects due to out-of-context DNS lookup
Adrian Wilkins
adrian.wilkins at gmail.com
Mon Jun 5 23:38:32 AEST 2017
On 01/03/17 21:33, Damien Miller wrote:
> Please send verbose output, i.e. "ssh -vvv ..."
>
Sorry for the large delay...
Attached logs. Have anonymised some things.
No notable differences that I can spot.
The *-host.log file is with an entry pointing to localhost in /etc/hosts
The other is without this entry.
The "with" session connects instantly. The "without" session takes much
longer.
The pauses occur during the segment of log below the line.
Setting "GSSAPIAuthentication no" for this configuration (not the
configuration for the proxy SSH server) causes it to take the same
amount of time as when you insert a definition of the remote host DNS
name in /etc/hosts
----
debug1: Next authentication method: gssapi-with-mic
debug1: Unspecified GSS failure. Minor code may provide more information
No Kerberos credentials available
debug1: Unspecified GSS failure. Minor code may provide more information
No Kerberos credentials available
debug1: Unspecified GSS failure. Minor code may provide more information
debug1: Unspecified GSS failure. Minor code may provide more information
No Kerberos credentials available
----
-------------- next part --------------
A non-text attachment was scrubbed...
Name: ssh-graylog.log
Type: text/x-log
Size: 15857 bytes
Desc: not available
URL: <http://lists.mindrot.org/pipermail/openssh-unix-dev/attachments/20170605/03b7a550/attachment-0002.bin>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: ssh-graylog-host.log
Type: text/x-log
Size: 15858 bytes
Desc: not available
URL: <http://lists.mindrot.org/pipermail/openssh-unix-dev/attachments/20170605/03b7a550/attachment-0003.bin>
More information about the openssh-unix-dev
mailing list