[wplug] ssh with VPN question
Rick Reynolds
rick at rickandviv.net
Fri Mar 19 20:57:54 EDT 2010
Hmm... Not too sure about that. Ping commands return very quickly when I use the name.
Thanks,
Rick Reynolds
--
"Your brain's operating system isn't written in C++" -- Steve Yegge
On Mar 19, 2010, at 8:16 PM, Moshe Hyzon wrote:
> I bet you it is dns lookups timing out. After you connect to the VPN,
> the Linux box's Dns servers change to your work servers, so lookups
> for your mac's address fail after a timeout.
>
> Moshe
>
> --
> Moshe Hyzon (Mobile)
>
> This email may contain confidential information. Please delete it if
> you are not the intended recipient.
>
> On Mar 19, 2010, at 19:06, Rick Reynolds <rick at rickandviv.net> wrote:
>
>> My work only allows connection via VPN. My main machine is a Mac
>> which they won't support.
>>
>> They do support Linux connections to the VPN, however. So I'm
>> working on a system whereby I connect to work via a CentOS Linux box
>> and then use ssh tunneling through that box to get to services
>> within my company's network.
>>
>> It all works just fine. Except that ssh is VERY SLOW to make the
>> connection while the VPN is up.
>>
>> So what I'm seeing:
>>
>> 1. I ssh to the Linux box (which connects just about immediately)
>> and start the command line VPN client.
>> 2. I then attempt another ssh connection to the Linux box and it
>> takes a little over 1 minute to make the ssh connection (I measured
>> 1:12).
>>
>> If I turn off the VPN connection to work, ssh is fast again.
>>
>> It looks like it is the ssh protocol itself that is seeing a
>> slowdown. When I add -vv to my ssh command line, it spews a bunch
>> of debug info and stops at this point for some seconds:
>>
>> debug1: SSH2_MSG_SERVICE_ACCEPT received
>> debug2: key: /Users/rick/.ssh/id_rsa (0x100125a40)
>> debug2: key: /Users/rick/.ssh/id_dsa (0x100125e70)
>> debug1: Authentications that can continue: publickey,gssapi-with-
>> mic,password
>> debug1: Next authentication method: publickey
>> debug1: Offering public key: /Users/rick/.ssh/id_rsa
>> debug2: we sent a publickey packet, wait for reply
>>
>> Then at this point:
>>
>> debug1: Server accepts key: pkalg ssh-rsa blen 277
>> debug2: input_userauth_pk_ok: fp 6c:24:7d:03:3c:fd:3b:
>> 0f:c5:76:e0:a9:ef:81:e2:e6
>> debug1: read PEM private key done: type RSA
>>
>> Then here for the bulk of the time:
>>
>> debug1: Authentication succeeded (publickey).
>> debug1: channel 0: new [client-session]
>> debug2: channel 0: send open
>> debug1: Entering interactive session.
>>
>> Then another stop after this:
>>
>> debug2: callback start
>> debug2: client_session2_setup: id 0
>> debug2: channel 0: request pty-req confirm 1
>> debug1: Sending environment.
>> debug2: channel 0: request shell confirm 1
>> debug2: fd 3 setting TCP_NODELAY
>> debug2: callback done
>> debug2: channel 0: open confirm rwindow 0 rmax 32768
>> debug2: channel_input_status_confirm: type 99 id 0
>> debug2: PTY allocation request accepted on channel 0
>> debug2: channel 0: rcvd adjust 2097152
>> debug2: channel_input_status_confirm: type 99 id 0
>> debug2: shell request accepted on channel 0
>>
>> And then this message comes out with another delay:
>>
>> Last login: Fri Mar 19 18:52:16 2010 from jordan
>>
>> And then I'm logged in.
>>
>> Any ideas on how I can debug this?
>>
>>
>> Thanks,
>> Rick Reynolds
>> --
>> I had a dream that I was eating my pillow, and in the morning my
>> giant marshmallow was gone!
>>
>>
>> _______________________________________________
>> wplug mailing list
>> wplug at wplug.org
>> http://www.wplug.org/mailman/listinfo/wplug
> _______________________________________________
> wplug mailing list
> wplug at wplug.org
> http://www.wplug.org/mailman/listinfo/wplug
More information about the wplug
mailing list