Weird delay in ssh login
Hi,
I have a VM here which gives me weird delays when I log into it (which
I can only do via SSH) since I upgraded it to Bullseye.
The connection looks like:
% ssh -v ...
[...]
debug1: control_persist_detach: backgrounding master process
debug1: forking to background
debug1: Entering interactive session.
debug1: pledge: id
debug1: multiplexing control connection
debug1: channel 1: new [mux-control]
debug1: channel 2: new [client-session]
[ !!! a bit more than 1m30s delay here !!! ]
debug1: client_input_global_request: rtype hostkeys-00@openssh.com want_reply 0
debug1: Remote: /home/.../.ssh/authorized_keys:NN: key options: agent-forwarding port-forwarding pty user-rc x11-forwarding
debug1: Remote: /home/.../.ssh/authorized_keys:NN: key options: agent-forwarding port-forwarding pty user-rc x11-forwarding
[...]
Any idea what might be going on or how I could debug this?
`journalctl | grep sshd` doesn't show much of interest around that time:
Feb 21 19:02:34 ... sshd[...]: Accepted publickey for <MYUSER> from <MYIP> port 45732 ssh2: RSA ...
Feb 21 19:02:34 ... sshd[...]: pam_unix(sshd:session): session opened for user <MYUSER>(uid=<MYUID>) by (uid=0)
Feb 21 19:02:53 ... sshd[...]: Received disconnect from 109.230.224.192 port 33352:11: Bye Bye [preauth]
Feb 21 19:02:53 ... sshd[...]: Disconnected from authenticating user root 109.230.224.192 port 33352 [preauth]
Feb 21 19:03:26 ... sshd[...]: Invalid user mailing from 165.22.53.200 port 49372
Feb 21 19:03:26 ... sshd[...]: Received disconnect from 165.22.53.200 port 49372:11: Bye Bye [preauth]
Feb 21 19:03:26 ... sshd[...]: Disconnected from invalid user mailing 165.22.53.200 port 49372 [preauth]
Feb 21 19:03:32 ... sshd[...]: Connection closed by 13.92.91.254 port 47988 [preauth]
Feb 21 19:03:55 ... sshd[...]: Invalid user yogesh from 74.208.53.194 port 44634
Feb 21 19:03:55 ... sshd[...]: Received disconnect from 74.208.53.194 port 44634:11: Bye Bye [preauth]
Feb 21 19:03:55 ... sshd[...]: Disconnected from invalid user yogesh 74.208.53.194 port 44634 [preauth]
Feb 21 19:04:16 ... sshd[...]: Invalid user fiona from 178.128.218.29 port 57610
Only the first two entries seem related to my connection (and share the
same PID), the rest (from which I didn't scrub the IP and user names)
are the usual relentless attempts to log into the machine from botnets.
Stefan
Reply to: