Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Secure-Shell
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

SSHD delay

from [Boris Hagel - Internetwork GmbH] Network Security [Permanent Link]
Subject: SSHD delay
Date: Mon, 28 May 2007 16:52:19 +0200 
hi,

I have a new problem on a SuSE 10.1:
SSHD (OpenSSH 4.2) needs more than 10 seconds to accept the
client-RSA-key.

Nothing has been changed before, it cames overnight...

I checked DNS-issues in /etc/resolve.conf: everything seems ok.
nslookup from client->server and server->client works fine.

But to avoid DNS/IPv6-issues, I set in ssh_config :
CheckHostIP no
AddressFamily inet

In sshd_config I set:
UseDNS no

I have a second server with exact the same configuration:
same problems there since about 14 days.

Here's the log:

May 24 12:48:33 sshd[6816]: debug1: Forked child 6817.
May 24 12:48:33 sshd[6817]: debug1: rexec start in 4 out 4 newsock 4 pipe 6 sock 7
May 24 12:48:33 sshd[6817]: debug1: inetd sockets after dupping: 3, 3
May 24 12:48:33 sshd[6817]: Connection from xxx.xxx.xxx.xxx port 2181
May 24 12:48:33 sshd[6817]: debug1: Client protocol version 2.0; client software version PuTTY_Release_0.58
May 24 12:48:33 sshd[6817]: debug1: no match: PuTTY_Release_0.58
May 24 12:48:33 sshd[6817]: debug1: Enabling compatibility mode for protocol 2.0
May 24 12:48:33 sshd[6817]: debug1: Local version string SSH-2.0-OpenSSH_4.2
May 24 12:48:34 sshd[6817]: debug1: temporarily_use_uid: 0/0 (e=0/0)
May 24 12:48:34 sshd[6817]: debug1: trying public key file /root/.ssh/authorized_keys
May 24 12:48:34 sshd[6817]: debug1: matching key found: file /root/.ssh/authorized_keys, line 1
May 24 12:48:34 sshd[6817]: Found matching RSA key: rsa:key
May 24 12:48:34 sshd[6817]: debug1: restore_uid: 0/0
May 24 12:48:36 sshd[6817]: debug1: temporarily_use_uid: 0/0 (e=0/0)
May 24 12:48:36 sshd[6817]: debug1: trying public key file /root/.ssh/authorized_keys
May 24 12:48:36 sshd[6817]: debug1: matching key found: file /root/.ssh/authorized_keys, line 1
May 24 12:48:36 sshd[6817]: Found matching RSA key: rsa:key
May 24 12:48:36 sshd[6817]: debug1: restore_uid: 0/0
May 24 12:48:45 sshd[6817]: debug1: temporarily_use_uid: 0/0 (e=0/0)
May 24 12:48:45 sshd[6817]: debug1: trying public key file /root/.ssh/authorized_keys
May 24 12:48:45 sshd[6817]: debug1: matching key found: file /root/.ssh/authorized_keys, line 1
May 24 12:48:45 sshd[6817]: Found matching RSA key: rsa:key
May 24 12:48:45 sshd[6817]: debug1: restore_uid: 0/0
May 24 12:48:45 sshd[6817]: debug1: ssh_rsa_verify: signature correct
May 24 12:48:45 sshd[6817]: Accepted publickey for root from xxx.xxx.xxx.xxx port 2181 ssh2
May 24 12:48:45 sshd[6817]: debug1: monitor_child_preauth: root has been authenticated by privileged process
May 24 12:48:45 sshd[6817]: debug1: Entering interactive session for SSH2.
May 24 12:48:45 sshd[6817]: debug1: server_init_dispatch_20
May 24 12:48:45 sshd[6817]: debug1: server_input_channel_open: ctype session rchan 256 win 16384 max 16384
May 24 12:48:45 sshd[6817]: debug1: input_session_request
May 24 12:48:45 sshd[6817]: debug1: channel 0: new [server-session]
May 24 12:48:45 sshd[6817]: debug1: session_new: init
May 24 12:48:45 sshd[6817]: debug1: session_new: session 0
May 24 12:48:45 sshd[6817]: debug1: session_open: channel 0
May 24 12:48:45 sshd[6817]: debug1: session_open: session 0: link with channel 0
May 24 12:48:45 sshd[6817]: debug1: server_input_channel_open: confirm session
May 24 12:48:45 sshd[6817]: debug1: server_input_channel_req: channel 0 request pty-req reply 1
May 24 12:48:45 sshd[6817]: debug1: session_by_channel: session 0 channel 0
May 24 12:48:45 sshd[6817]: debug1: session_input_channel_req: session 0 req pty-req
May 24 12:48:45 sshd[6817]: debug1: Allocating pty.
May 24 12:48:45 sshd[6817]: debug1: session_pty_req: session 0 alloc /dev/pts/0
May 24 12:48:45 sshd[6817]: debug1: server_input_channel_req: channel 0 request shell reply 1
May 24 12:48:45 sshd[6817]: debug1: session_by_channel: session 0 channel 0
May 24 12:48:45 sshd[6817]: debug1: session_input_channel_req: session 0 req shell
May 24 12:48:45 sshd[6819]: debug1: Setting controlling tty using TIOCSCTTY.
May 24 12:48:45 sshd[6819]: debug1: permanently_set_uid: 0/0


Any ideas?

Thanks, Boris

[More messages with this same subject...]




<Prev in Thread] Current Thread [Next in Thread>
  • SSHD delay, Boris Hagel - Internetwork GmbH <=
Previous by Date:  Re: SSH tunnel question., Ventsislav Genchev
Next by Date:  Tunnel-Only User with Pubkey auth. with SSH, security@network-master.com
Previous by Thread:  SSH tunnel question., Leif Ericksen
Next by Thread:  Tunnel-Only User with Pubkey auth. with SSH, security@network-master.com
Indexes:  [Date] [Thread] [Top] [All Lists]