03-22-2018
Slow ssh on Solaris 10 zone
ssh is slow on solaris zone , and is getting stuck at the following place.
debug2: callback done
debug2: channel 0: open confirm rwindow 0 rmax 32768
debug3: Wrote 664 bytes for a total of 3325
Below is the ssh version being used: Sun_SSH_1.1.6, SSH protocols 1.5/2.0, OpenSSL 0x0090704f
Below is the sshd config file:
Protocol 2
UseDNS yes
PermitRootLogin yes
PasswordAuthentication yes
ChallengeResponseAuthentication no
GSSAPIAuthentication yes
GSSAPICleanupCredentials yes
UsePAM yes
X11Forwarding yes
HostKey /etc/ssh/ssh_host_rsa_key
HostKey /etc/ssh/ssh_host_dsa_key
Subsystem sftp /xxx/openssh/sftp-server
AuthorizedKeysCommand /usr/local/bin/ldap_ssh_authorizedkeys
AuthorizedKeysCommandUser nobody
tried changing useDNS,GSSAPIAuthentication values to no and didn't help. Could someone please help with this problem ?
on global zone ssh is quick
9 More Discussions You Might Find Interesting
1. Solaris
When I ssh to my box, an Ultra 5. I get prompted for password immediately. I enter it and have to wait sometimes a full minute for it to prompt for a password.
The same thing happens when i try to ftp to the box, it will say connected, but it takes forever to prompt for password, and... (2 Replies)
Discussion started by: BG_JrAdmin
2 Replies
2. UNIX for Dummies Questions & Answers
Running open solaris on a e420 that I recently picked up. Having issues sshing to it from either of my Linux boxes as its very slow to login (from the solaris box to the linux box it connects just fine.
Here is the output of ssh -vvv. I have hightlighted where it seems the slowdown is. Does... (0 Replies)
Discussion started by: creedog
0 Replies
3. Solaris
Hi All ,
I try to install some packages in my global zone...
On the execution of the installion of the script it quits by saying the error
"Non global zone check failed"
Kindly help me in this regard
Thanks in advance,
jeganr (7 Replies)
Discussion started by: jegaraman
7 Replies
4. Solaris
I'm facing a problem when trying to ssh to SUN servers with solaris OS,it takes a long time until prompted for password ..after connecting to the server everything work fine..how can I solve this issue??? (11 Replies)
Discussion started by: mm00123
11 Replies
5. Solaris
Hi,
A quick question: Can Solaris 10 local zones be moved to a Solaris 11 global zone and work well?
Thank you in advance! (5 Replies)
Discussion started by: aixlover
5 Replies
6. HP-UX
Hi experts,
We are getting slow ssh session connections at HP-UX 11.31 servers.
We have set the parameters that maybe will affect , and commented at other theads at config file sshd_config :
UseDNS no
X11Forwarding yes
X11DisplayOffset 10
X11UseLocalhost no
GSSAPIAuthentication no.
... (7 Replies)
Discussion started by: SapBasisSystem
7 Replies
7. UNIX for Advanced & Expert Users
Dear all,
recently, I migrated a solaris zone from one host to another. The zone was inside of a zpool. The zpool cotains two volumes.
I did the following:
host1:
$ zlogin zone1 shutdown -y -g0 -i0 #Zone status changes from running to installed
$ zpool export zone1
host2:
$ zpool... (2 Replies)
Discussion started by: custos
2 Replies
8. Solaris
I am planning to do solaris 11 global zone patching having solaris 10 branded zone. I have a doubts on step 8 specially
Can someone clear my step 8 doubts or if anything wrong between step 1 to step 9 please correct that also as I have pretty good idea about Step 10 mean patching in solaris 10... (2 Replies)
Discussion started by: amity
2 Replies
9. Solaris
Hi, hoping someone can help, its been a while since I used Solaris.
After creating a NGZ (non global zone), the NGZ can access the GZ (Global Zone) and the GZ can access the NGZ (using ssh, zlogin)
However, the NGZ cannot access any other netwqork devices, it can't even see the default router
... (2 Replies)
Discussion started by: GazinLincoln
2 Replies
LEARN ABOUT DEBIAN
ssh-keysign
SSH-KEYSIGN(8) BSD System Manager's Manual SSH-KEYSIGN(8)
NAME
ssh-keysign -- ssh helper program for host-based authentication
SYNOPSIS
ssh-keysign
DESCRIPTION
ssh-keysign is used by ssh(1) to access the local host keys and generate the digital signature required during host-based authentication with
SSH protocol version 2.
ssh-keysign is disabled by default and can only be enabled in the global client configuration file /etc/ssh/ssh_config by setting
EnableSSHKeysign to ``yes''.
ssh-keysign is not intended to be invoked by the user, but from ssh(1). See ssh(1) and sshd(8) for more information about host-based authen-
tication.
FILES
/etc/ssh/ssh_config
Controls whether ssh-keysign is enabled.
/etc/ssh/ssh_host_dsa_key
/etc/ssh/ssh_host_ecdsa_key
/etc/ssh/ssh_host_rsa_key
These files contain the private parts of the host keys used to generate the digital signature. They should be owned by root, read-
able only by root, and not accessible to others. Since they are readable only by root, ssh-keysign must be set-uid root if host-
based authentication is used.
/etc/ssh/ssh_host_dsa_key-cert.pub
/etc/ssh/ssh_host_ecdsa_key-cert.pub
/etc/ssh/ssh_host_rsa_key-cert.pub
If these files exist they are assumed to contain public certificate information corresponding with the private keys above.
SEE ALSO
ssh(1), ssh-keygen(1), ssh_config(5), sshd(8)
HISTORY
ssh-keysign first appeared in OpenBSD 3.2.
AUTHORS
Markus Friedl <markus@openbsd.org>
BSD
August 31, 2010 BSD