Why does ssh's “password” prompt take so long to appear?

1

When I try to ssh, the password prompt takes too long (almost two minutes) to appear.

Why does this happen?

There are several things that can go wrong. Add -vvv to make ssh print a detailed trace of what it's doing, and see where it's pausing.

The problem could be on the client or on the server.

A common problem on the server is if you're connecting from a client for which reverse DNS lookups time out. (A “reverse DNS lookup” means getting back from the client machine's IP address to a host name. It isn't really useful for security, only slightly helpful to diagnose breakin attempts from log entries, but the default configuration does it anyway.) To turn off reverse DNS lookups, add UseDNS no to /etc/ssh/sshd_config (you need to be root on the server; remember to restart the SSH service afterwards).

Another thing that can go wrong is GSSAPI authentication timing out. If you don't know what that is, you're probably not relying on it; you can turn...

0 0
2

I'm building a program which sends commands to multiple servers with as less as possible user intervention.
For this program, I use subprocess to send commands through SSH.

The interacted servers are many and dynamics.
The program will be used mainly by my team members in my company.
Most of the servers have the right file at /root/.ssh/authorized_keys and the program works great with them.

But some servers weren't installed well and we can't connect them using SSH without entering root password.
The SSH password prompts hangs at the moment it needs to

ssh.stdout.readlines()

of the "problematic server".

How can I make sure the program will ignore, skip and keep going with the code each time it faces a server that prompts for root password because of keys issue and won't hang on the password prompt?

Here is my code:

#!/usr/bin/python
from socket import socket
import subprocess, os
def...

0 0
3

If you have to wait very long for SSH starts authenticating, there could be several things that may go wrong.

Disable Reverse DNS Lookup

A common problem on the server is if you're connecting from a client for which reverse DNS lookups time out.

A “reverse DNS lookup” means getting back from the client machine's IP address to a host name. It isn't really useful for security, only slightly helpful to diagnose breaking attempts from log entries, but the default configuration does it anyway.

To disable reverse DNS lookups on an SSH server, edit SSH server configuration as follows.

$ sudo vi /etc/ssh/sshd_config # add this line UseDNS no

Then restart SSH server:

$ sudo /etc/init.d/ssh restart (Debian, Ubuntu or Linux Mint) $ sudo systemctl restart sshd (Fedora) $ sudo service sshd restart (CentOS or RHEL)

Disable GSSAPI Authentication

Another thing that can go wrong is GSSAPI authentication timing out. If you don't know what...

0 0
4
PuTTY FAQ

Previous | Contents | Next

This FAQ is published on the PuTTY web site, and also provided as an appendix in the manual.

A.1 Features supported in PuTTY

In general, if you want to know if PuTTY supports a particular feature, you should look for it on the PuTTY web site. In particular:

try the changes page, and see if you can find the feature on there. If a feature is listed there, it's been implemented. If it's listed as a change made since the latest version, it should be available in the development snapshots, in which case testing will be very welcome.try the Wishlist page, and see if you can find the feature there. If it's on there, it probably hasn't been implemented.

A.1.1 Does PuTTY support SSH v2?

Yes. SSH v2 support has been available in PuTTY since version 0.50. However, currently the default SSH protocol is v1; to select SSH v2 if your server supports both, go to the SSH panel and change the Preferred SSH protocol version...

0 0
5
...
0 0