ssh is very slow since ubuntu feisty

Asked by Pere Quintana Seguí on 2007-06-09

Hello

I use ssh to connect to my accounts in dreamhost.com and rsync.net.

Since I upgraded to ubuntu feisty ssh is very slow, and many times it even doesn't connect at all.

I use rsync.net for backups and now I cannot do these backups, which are important .... :(

Do you have any ideas of how to solve this problem?

thanks

Question information

Language:
English Edit question
Status:
Solved
For:
Ubuntu openssh Edit question
Assignee:
No assignee Edit question
Solved by:
Pere Quintana Seguí
Solved:
2007-06-13
Last query:
2007-06-13
Last reply:
2007-06-12

Can you run ssh with the -vvv option to see where the delay is?

Pere Quintana Seguí (pere) said : #2

Hello,

Here it is, after the last message, nothing happens.

pqs@quintana:~$ ssh -vvv <email address hidden> > ovaltine.txt
OpenSSH_4.3p2 Debian-8ubuntu1, OpenSSL 0.9.8c 05 Sep 2006
debug1: Reading configuration data /home/pqs/.ssh/config
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Applying options for *
debug2: ssh_connect: needpriv 0
debug1: Connecting to ovaltine.dreamhost.com [208.113.160.11] port 22.
debug1: Connection established.
debug1: identity file /home/pqs/.ssh/identity type -1
debug3: Not a RSA1 key file /home/pqs/.ssh/id_rsa.
debug2: key_type_from_name: unknown key type '-----BEGIN'
debug3: key_read: missing keytype
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug2: key_type_from_name: unknown key type '-----END'
debug3: key_read: missing keytype
debug1: identity file /home/pqs/.ssh/id_rsa type 1
debug1: identity file /home/pqs/.ssh/id_dsa type -1
debug1: Remote protocol version 2.0, remote software version OpenSSH_3.8.1p1 Debian-8.sarge.6
debug1: match: OpenSSH_3.8.1p1 Debian-8.sarge.6 pat OpenSSH_3.*
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_4.3p2 Debian-8ubuntu1
debug2: fd 3 setting O_NONBLOCK
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug2: kex_parse_kexinit: diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1
debug2: kex_parse_kexinit: ssh-rsa,ssh-dss
debug2: kex_parse_kexinit: aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour128,arcfour256,arcfour,aes192-cbc,aes256-cbc,<email address hidden>,aes128-ctr,aes192-ctr,aes256-ctr
debug2: kex_parse_kexinit: aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour128,arcfour256,arcfour,aes192-cbc,aes256-cbc,<email address hidden>,aes128-ctr,aes192-ctr,aes256-ctr
debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,hmac-ripemd160,<email address hidden>,hmac-sha1-96,hmac-md5-96
debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,hmac-ripemd160,<email address hidden>,hmac-sha1-96,hmac-md5-96
debug2: kex_parse_kexinit: none,<email address hidden>,zlib
debug2: kex_parse_kexinit: none,<email address hidden>,zlib
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit: first_kex_follows 0
debug2: kex_parse_kexinit: reserved 0
debug2: kex_parse_kexinit: diffie-hellman-group-exchange-sha1,diffie-hellman-group1-sha1
debug2: kex_parse_kexinit: ssh-rsa,ssh-dss
debug2: kex_parse_kexinit: aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour,aes192-cbc,aes256-cbc,<email address hidden>,aes128-ctr,aes192-ctr,aes256-ctr
debug2: kex_parse_kexinit: aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour,aes192-cbc,aes256-cbc,<email address hidden>,aes128-ctr,aes192-ctr,aes256-ctr
debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,hmac-ripemd160,<email address hidden>,hmac-sha1-96,hmac-md5-96
debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,hmac-ripemd160,<email address hidden>,hmac-sha1-96,hmac-md5-96
debug2: kex_parse_kexinit: none,zlib
debug2: kex_parse_kexinit: none,zlib
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit: first_kex_follows 0
debug2: kex_parse_kexinit: reserved 0
debug2: mac_init: found hmac-md5
debug1: kex: server->client aes128-cbc hmac-md5 none
debug2: mac_init: found hmac-md5
debug1: kex: client->server aes128-cbc hmac-md5 none
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<1024<8192) sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
debug2: dh_gen_key: priv key bits set: 114/256
debug2: bits set: 522/1024
debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY
debug3: check_host_in_hostfile: filename /home/pqs/.ssh/known_hosts
debug3: check_host_in_hostfile: match line 16
debug3: check_host_in_hostfile: filename /home/pqs/.ssh/known_hosts
debug3: check_host_in_hostfile: match line 17
debug1: Host 'ovaltine.dreamhost.com' is known and matches the RSA host key.
debug1: Found key in /home/pqs/.ssh/known_hosts:16
debug2: bits set: 508/1024
debug1: ssh_rsa_verify: signature correct
debug2: kex_derive_keys
debug2: set_newkeys: mode 1
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug2: set_newkeys: mode 0
debug1: SSH2_MSG_NEWKEYS received
debug1: SSH2_MSG_SERVICE_REQUEST sent
debug2: service_accept: ssh-userauth
debug1: SSH2_MSG_SERVICE_ACCEPT received

Ralph Janke (txwikinger) said : #3

At the bug https://bugs.beta.launchpad.net/ubuntu/+source/openssh/+bug/84899 are some workarounds. Maybe one of those help.

Pere Quintana Seguí (pere) said : #4

After testing what is proposet, it didn't work... :'(

Waleed Harbi (waleed-harbi) said : #5

You may have firewall, try run iptables -L

What is the results?

Pere Quintana Seguí (pere) said : #6

These are the results,

thank you!

pqs@quintana:~$ sudo iptables -L
Password:
Chain INPUT (policy ACCEPT)
target prot opt source destination

Chain FORWARD (policy ACCEPT)
target prot opt source destination

Chain OUTPUT (policy ACCEPT)
target prot opt source destination

Waleed Harbi (waleed-harbi) said : #7

Try test ssh from another machine, is it same thing?

Pere Quintana Seguí (pere) said : #8

I don't have another machine,

but I have downloaded the windows version of Putty and run it with wine. This way I can connect with no problems.

Then I saw that there is a putty for linux. So I apt-get installed it and it didn't work, like the standard ssh.

Waleed Harbi (waleed-harbi) said : #9

try mv .ssh folder to /opt then try ssh to your server
also give me your log:
sudo tail -50 /var/log/secure

Yours,
Waleed

Waleed Harbi (waleed-harbi) said : #10

try mv .ssh folder to /opt then try ssh to your server
also give me your logs:
sudo tail -50 /var/log/secure

Yours,
Waleed

Logix (lauchpad-net-logix) said : #11

I had the same problem.. Heres the fix...

in /etc/ssh/ssh_config, comment out the following lines:

GSSAPIAuthentication yes
GSSAPIDelegateCredentials no

Pere Quintana Seguí (pere) said : #12

Logix, it didn't work

Waleed, I haven't tryed yet, I'll try to do what you propose tomorrow

Thank you all.

Pere,
   When running the ssh -vvv, does any particular part of the transaction seem to take more time that the others? Also, it it only establishing the initial connection that is slow, or is the entire session slow?

As a side note, it looks like your ~/.ssh/id_rsa file is invalid or corrupt. You might try moving it out of the way and see if that has any impact.

Best Pere Quintana Seguí (pere) said : #14

Hello

> As a side note, it looks like your ~/.ssh/id_rsa file is invalid or corrupt. You might try moving it out of the way and see if that has any impact.

I mv the .ssh folder out and it worked. So the problem was in this corrupt file.

Thank you all for your help

best regards

Pere

Waleed Harbi (waleed-harbi) said : #15

Good luck :P