[kwlug-disc] ssh takes 5 minutes to connect

Ronald Barnes ron at ronaldbarnes.ca
Mon Jul 25 05:12:54 EDT 2022 

Alex K wrote on 2022-07-24 20:06:

> Try "UseDNS no" in sshd_config ?

Thanks.


That setting is explicitly set in sshd_config (and is the default). 
Hasn't seemed to make any difference.


The only thing that makes a difference is this:

 > UsePAM No

And it's driving me crazy, going down a rabbit hole of PAM settings 
(which shouldn't have changed unless through system update at some point).

Verbose output at hang point:


Client side:

 > debug1: Authentication succeeded (publickey).
 > Authenticated to 10.60.42.12 ([10.60.42.12]:10022).
 > debug1: channel 0: new [client-session]
 > debug1: Requesting no-more-sessions at openssh.com
 > debug1: Entering interactive session.
 > debug1: pledge: network

Server side:

 > Accepted publickey for XXX from 10.1.2.9 port 50008 ssh2: RSA 
SHA256:ONh0aG+HWRsxRPGQf5lbe7l7sR/UB0ZuH5FKC0uxEn8
 > debug1: monitor_child_preauth: XXX has been authenticated by 
privileged process
 > debug3: mm_get_keystate: Waiting for new keys
 > debug3: mm_request_receive_expect entering: type 26
 > debug3: mm_request_receive entering
 > debug3: mm_get_keystate: GOT new keys
 > debug1: auth_activate_options: setting new authentication options 
[preauth]
 > debug2: userauth_pubkey: authenticated 1 pkalg rsa-sha2-512 [preauth]
 > debug3: user_specific_delay: user specific delay 0.000ms [preauth]
 > debug3: ensure_minimum_time_since: elapsed 0.798ms, delaying 8.038ms 
(requested 8.836ms) [preauth]
 > debug3: mm_do_pam_account entering [preauth]
 > debug3: mm_request_send entering: type 102 [preauth]
 > debug3: mm_request_receive_expect entering: type 103 [preauth]
 > debug3: mm_request_receive entering [preauth]
 > debug3: mm_do_pam_account returning 1 [preauth]
 > debug3: send packet: type 52 [preauth]
 > debug3: mm_request_send entering: type 26 [preauth]
 > debug3: mm_send_keystate: Finished sending state [preauth]
 > debug1: monitor_read_log: child log fd closed
 > debug3: ssh_sandbox_parent_finish: finished
 > debug1: PAM: establishing credentials
 > debug3: PAM: opening session
 > debug2: do_pam_session: auth information in SSH_AUTH_INFO_0

More information about the kwlug-disc mailing list