I've been googling on this problem for a while now, but I have not found a solution that works. The problem is SSH login to my server is very slow all of a sudden. I can see it takes about 10 seconds before Authentications than can continue, here is my ssh verbose log:
OpenSSH_7.3p1, LibreSSL 2.4.1
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: /etc/ssh/ssh_config line 20: Applying options for *
debug1: Connecting to 54.86.29.78 [54.86.29.78] port 22.
debug1: Connection established.
debug1: key_load_public: No such file or directory
debug1: identity file .ssh/id_rsa type -1
debug1: key_load_public: No such file or directory
debug1: identity file .ssh/id_rsa-cert type -1
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_7.3
debug1: Remote protocol version 2.0, remote software version OpenSSH_6.6.1p1 Ubuntu-2ubuntu2.4
debug1: match: OpenSSH_6.6.1p1 Ubuntu-2ubuntu2.4 pat OpenSSH_6.6.1* compat 0x04000000
debug1: Authenticating to 54.86.29.78:22 as 'perfeyhe'
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: algorithm: [email protected]
debug1: kex: host key algorithm: ecdsa-sha2-nistp256
debug1: kex: server->client cipher: [email protected] MAC: <implicit> compression: none
debug1: kex: client->server cipher: [email protected] MAC: <implicit> compression: none
debug1: expecting SSH2_MSG_KEX_ECDH_REPLY
debug1: Server host key: ecdsa-sha2-nistp256 SHA256:g/REeuiZutP7YHv6WJR/vhm4kROJQ+9e0ODdd1Tuvpc
debug1: Host '54.86.29.78' is known and matches the ECDSA host key.
debug1: Found key in /Users/admin/.ssh/known_hosts:3
debug1: rekey after 134217728 blocks
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: rekey after 134217728 blocks
debug1: SSH2_MSG_NEWKEYS received
debug1: SSH2_MSG_SERVICE_ACCEPT received
----------------------------------
takes about 10s
----------------------------------
debug1: Authentications that can continue: publickey,password,keyboard-interactive
debug1: Next authentication method: publickey
debug1: Trying private key: .ssh/id_rsa
debug1: Authentication succeeded (publickey).
Authenticated to 54.86.29.78 ([54.86.29.78]:22).
debug1: channel 0: new [client-session]
debug1: Requesting [email protected]
debug1: Entering interactive session.
debug1: pledge: network
debug1: Sending environment.
debug1: Sending env LANG = zh_CN.UTF-8
Welcome to Ubuntu 14.04.3 LTS (GNU/Linux 3.13.0-74-generic x86_64)
and attachment is what I saw from wireshark: enter image description here
An SSH connection from one node to another may be slow in setting up. This is usually because of a name resolution failure, and subsequent timeout. This can occur if the frontend was installed with an invalid DNS server.
Bookmark this question.
Use the ssh_timeout command to set the number of minutes that the SSH session can be idle before it is closed. The default timeout interval is 0 minutes. Use this value, if you do not want the SSH session to expire. The minimum timeout interval is 2 minutes.
The delay is on server so you can not see anything important in the client log nor in client side wireshark dump.
There are several possibilities which can cause this, but most probably there is UseDNS enabled in server sshd_config. Try to disable it (write UseDNS no to /etc/ssh/sshd_config), restart sshd service (service sshd restart) and try again.
If it will not help, set DEBUG3 LogLevel in the same file, restart and see the server logs where it "hangs" and what does it wait for.
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With