[ale] more fun with ssh
Wolf Halton
wolf.halton at gmail.com
Sun Aug 12 10:59:50 EDT 2012
On Sun, Aug 12, 2012 at 10:37 AM, Wolf Halton <wolf.halton at gmail.com> wrote:
>
>
> On Sun, Aug 12, 2012 at 10:32 AM, Wolf Halton <wolf.halton at gmail.com>wrote:
>
>>
>>
>> On Sun, Aug 12, 2012 at 10:19 AM, Jim Kinney <jim.kinney at gmail.com>wrote:
>>
>>> It still tries to resolve the ip to a host name. If you're not using dns
>>> for that segment, put a name in etc/hosts.
>>> On Aug 12, 2012 9:52 AM, "Wolf Halton" <wolf.halton at gmail.com> wrote:
>>>
>>>> Why would one of the hosts in my network take a very long time (over 10
>>>> seconds) to negotiate a connection from another host on the same lan. Using
>>>> IP address only, no DNS resolution involved.
>>>>
>>>> This would only be an interesting oddity if it didn't time out nagios
>>>> checks.
>>>>
>>>> Wolf
>>>>
>>>> http://evergreen-community-01.lyrasistechnology.org
>>>> http://sourcefreedom.com
>>>> Apache developer:
>>>> wolfhalton at apache.org
>>>>
>>>> _______________________________________________
>>>> Ale mailing list
>>>> Ale at ale.org
>>>> http://mail.ale.org/mailman/listinfo/ale
>>>> See JOBS, ANNOUNCE and SCHOOLS lists at
>>>> http://mail.ale.org/mailman/listinfo
>>>>
>>>>
>>> _______________________________________________
>>> Ale mailing list
>>> Ale at ale.org
>>> http://mail.ale.org/mailman/listinfo/ale
>>> See JOBS, ANNOUNCE and SCHOOLS lists at
>>> http://mail.ale.org/mailman/listinfo
>>>
>>>
>> debug1: Local version string SSH-2.0-OpenSSH_5.3p1 Debian-3ubuntu7
>> debug1: SSH2_MSG_KEXINIT sent
>> debug1: SSH2_MSG_KEXINIT received
>> debug1: kex: server->client aes128-ctr hmac-md5 none
>> debug1: kex: client->server aes128-ctr hmac-md5 none
>> debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<1024<8192) sent
>> debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
>> debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
>> debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY
>> debug1: Host '192.168.10.56' is known and matches the RSA host key.
>> debug1: Found key in /home/nagios/.ssh/known_hosts:32
>> debug1: ssh_rsa_verify: signature correct
>> debug1: SSH2_MSG_NEWKEYS sent
>> debug1: expecting SSH2_MSG_NEWKEYS
>> debug1: SSH2_MSG_NEWKEYS received
>> debug1: SSH2_MSG_SERVICE_REQUEST sent
>> debug1: SSH2_MSG_SERVICE_ACCEPT received
>> %% slowdown is right here %%
>> debug1: Authentications that can continue: publickey,password
>> debug1: Next authentication method: publickey
>> debug1: Trying private key: /home/nagios/.ssh/identity
>> debug1: Offering public key: /home/nagios/.ssh/id_rsa
>> debug1: Server accepts key: pkalg ssh-rsa blen 277
>> debug1: read PEM private key done: type RSA
>> debug1: Authentication succeeded (publickey).
>> debug1: channel 0: new [client-session]
>> debug1: Requesting no-more-sessions at openssh.com
>> debug1: Entering interactive session.
>> debug1: Sending environment.
>> debug1: Sending env LANG = en_US.UTF-8
>>
>> Why would only this host have that slow-down and none of the others?
>> --
>> This Apt Has Super Cow Powers - http://sourcefreedom.com
>> Open-Source Software in Libraries - http://FOSS4Lib.org
>> Advancing Libraries Together - http://LYRASIS.org
>> Apache Open Office Developer wolfhalton at apache.org
>>
>>
> How would I get it to NOT check reverse DNS?
> http://ubuntuforums.org/showthread.php?t=1699197
>
> "Just add the parameter "UseDNS no" on /etc/ssh/sshd_config" to the remote
> host I am shelling into?
>
> --
> This Apt Has Super Cow Powers - http://sourcefreedom.com
> Open-Source Software in Libraries - http://FOSS4Lib.org
> Advancing Libraries Together - http://LYRASIS.org
> Apache Open Office Developer wolfhalton at apache.org
>
>
Well adding the nagios server to the /etc/hosts file of the slowpoke,
worked for that server, and adding the "UseDNS no" parameter to the
/etc/sshd_config file on the slowpoke made other local servers access it
properly.
Now my question is, "Why does the system have to convert to SSH type I and
how do I get it to use type II?
--
This Apt Has Super Cow Powers - http://sourcefreedom.com
Open-Source Software in Libraries - http://FOSS4Lib.org
Advancing Libraries Together - http://LYRASIS.org
Apache Open Office Developer wolfhalton at apache.org
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mail.ale.org/pipermail/ale/attachments/20120812/c66eb893/attachment.html
More information about the Ale
mailing list