long ssh communication
rahed
I connect from a debian machine with OpenSSH_3.8.1p1 to solaris 9
machines with Sun_SSH_1.0.1 using Perl modul Net::SSH::Perl. It takes
several minutes to run a command (who or something).
Connecting to a machine with OpenSSH (solaris 8) takes a second and
running ssh from a command line to solaris 9 Sun_SSH is also ok. Below
is debug output.
Could someone point me where to look at to cut down these times?
___START_DEBUGG_OUTPUT___
Reading configuration data /home/www-data/.ssh/config
Reading configuration data /etc/ssh_config
Connecting to host, port 22.
Remote protocol version 2.0, remote software version Sun_SSH_1.0.1
Net::SSH::Perl Version 1.28, protocol version 2.0.
No compat match: Sun_SSH_1.0.1.
Connection established.
Sent key-exchange init (KEXINIT), wait response.
Algorithms, c->s: 3des-cbc hmac-sha1 none
Algorithms, s->c: 3des-cbc hmac-sha1 none
##here waits around a minute
Entering Diffie-Hellman Group 1 key exchange.
Sent DH public key, waiting for reply.
Received host key, type 'ssh-dss'.
Host 'host' is known and matches the host key.
Computing shared secret key.
##here waits around a minute
Verifying server signature.
##here waits around half a minute
Waiting for NEWKEYS message.
Enabling incoming encryption/MAC/compression.
Send NEWKEYS, enable outgoing encryption/MAC/compression.
Sending request for user-authentication service.
Service accepted: ssh-userauth.
Trying empty user-authentication request.
Authentication methods that can continue: publickey,password.
Next method to try is publickey.
Trying pubkey authentication with key file '/home/www-data/.ssh/id_dsa'
Login completed, opening dummy shell channel.
channel 0: new [client-session]
Requesting channel_open for channel 0.
channel 0: open confirm rwindow 0 rmax 16384
Got channel open confirmation, requesting shell.
Requesting service shell on channel 0.
channel 1: new [client-session]
Requesting channel_open for channel 1.
Entering interactive session.
Sending command: who
Requesting service exec on channel 1.
channel 1: open confirm rwindow 0 rmax 16384
channel 1: rcvd eof
channel 1: output open -> drain
input_channel_request: rtype exit-status reply 0
channel 1: rcvd close
channel 1: input open -> closed
channel 1: close_read
channel 1: obuf empty
channel 1: output drain -> closed
channel 1: close_write
channel 1: send close
channel 1: full closed
Many thanks.
--
Radek
Claudiu Costin
Perl is and interpreted language and you should expect performance
penalty. You haven't told on what processor Debian box runs.
--
kind regards,
Claudiu Costin
Richard E. Silverman
> ##here waits around a minute
>
> Entering Diffie-Hellman Group 1 key exchange.
> Sent DH public key, waiting for reply.
> Received host key, type 'ssh-dss'.
> Host 'host' is known and matches the host key.
> Computing shared secret key.
>
> ##here waits around a minute
>
> Verifying server signature.
>
> ##here waits around half a minute
These are the public-key operations: the Diffie-Hellman key agreement and
server host key verification. They are the most computationally intensive
part of the connection setup and hence most likely to take a while if the
implementation or host are slow.
- Richard
rahed
> Perl is and interpreted language and you should expect performance
> penalty. You haven't told on what processor Debian box runs.
>
> --
> kind regards,
> Claudiu Costin
From the debian machine I get times below 3 seconds when connecting to
OpenSSH server but connecting to Sun_SSH it's in the order of minutes. I
don't think it's Perl interpreter fault.
The debian machine has a 550MHz processor. Interestingly connecting from
solaris 650 MHz to Sun_SSH server time to output the command is 3
seconds.
Thank you.
--
Radek
Darren Tucker
> I connect from a debian machine with OpenSSH_3.8.1p1 to solaris 9
> machines with Sun_SSH_1.0.1 using Perl modul Net::SSH::Perl. It takes
> several minutes to run a command (who or something).
Do other clients (eg OpenSSH) exhibit the same delays?
> Connecting to a machine with OpenSSH (solaris 8) takes a second and
> running ssh from a command line to solaris 9 Sun_SSH is also ok. Below
> is debug output.
What sizes are the host keys on those systems?
> Could someone point me where to look at to cut down these times?
A good place to start: http://www.openssh.com/faq.html#3.3
[...]
> Algorithms, s->c: 3des-cbc hmac-sha1 none
> ##here waits around a minute
How much CPU is the perl client using at this point?
[...]
> Computing shared secret key.
> ##here waits around a minute
How much CPU is the perl client using at this point?
--
Darren Tucker (dtucker at zip.com.au)
GPG key 8FF4FA69 / D9A3 86E9 7EEE AF4B B2D4 37C9 C982 80C7 8FF4 FA69
Good judgement comes with experience. Unfortunately, the experience
usually comes from bad judgement.
rahed
> On 2006-02-16, rahed <ra...@e-last-minute.com> wrote:
>> I connect from a debian machine with OpenSSH_3.8.1p1 to solaris 9
>> machines with Sun_SSH_1.0.1 using Perl modul Net::SSH::Perl. It takes
>> several minutes to run a command (who or something).
>
> Do other clients (eg OpenSSH) exhibit the same delays?
>
No.
>> Connecting to a machine with OpenSSH (solaris 8) takes a second and
>> running ssh from a command line to solaris 9 Sun_SSH is also ok. Below
>> is debug output.
>
> What sizes are the host keys on those systems?
1024 bits
>> Could someone point me where to look at to cut down these times?
>
> A good place to start: http://www.openssh.com/faq.html#3.3
>
Thanks.
>> Algorithms, s->c: 3des-cbc hmac-sha1 none
>> ##here waits around a minute
>
> How much CPU is the perl client using at this point?
>
>> Computing shared secret key.
>> ##here waits around a minute
>
> How much CPU is the perl client using at this point?
99% CPU through the ssh communication.
I added Perl modul Math::BigInt::GMP on the client side and times are
now under 3 seconds.
Though I don't understand why from another machine without this modul
the times are also under 3 seconds.
Thank you for help.
--
Radek