On Fri, Aug 05, 2005 at 03:13:01PM +0800, James Duff wrote: > Both sshd, and proftpd are very slow to respond. I've noticed this in > sshd under debian on previous versions and machines also. Sshd asks > for a username almost immediately when I connect, but there is a > substantial time before it asks for a password. > > Proftpd also has a significant delay before responding to login information.
Is there a packet filtering firewall or a NAT device between your client machines and the server, or do your clients run a personal firewall software which drops incoming connections? Or does your server machine drop outgoing connections? Your FTP and SSH servers might be configured to ask the client machine which user issued the connection request. The "ident" protocol is used for this purpose (sometimes also called "auth", which is a bit misnamed). If your client machines ignore such connection attempts, instead of rejecting them, this will cause the delays you observed. You should be able to analyse this by running a packet sniffer such as ethereal on the server side. Another reason could be that the user lookup on the server itself takes too long. Which user directory are you using - passwd, NIS, LDAP or something else? If you don't know, please look in /etc/passwd for lines starting with "+" (which would indicate you are using NIS), and post your /etc/nsswitch.conf. The strace tool, attached to a server process, might help diagnosing this case. Mirko -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
