Date: Thu, 19 Jul 2018 16:11:03 -0400 From: "James B. Byrne" <byrnejb@harte-lyne.ca> To: freebsd-questions@freebsd.org Subject: FreeBSD-11.1 Jails and SSL Message-ID: <b09a213c9018244d79763c7d65e98e1c.squirrel@webmail.harte-lyne.ca>
next in thread | raw e-mail | index | archive | help
I notice a distinct delay when connecting to a jail using ssh. There is no delay when I connect to the jail's host. The jail is running local_unbound and sshd_config contains the same settings as the host, with the necessary changes for the service IP and such. I ran ssh with -vv and the connection is instantaneous up to this point: . . . debug1: SSH2_MSG_NEWKEYS received debug2: key: /root/.ssh/id_rsa (0x80208e200) debug2: key: /root/.ssh/id_dsa (0x0) debug2: key: /root/.ssh/id_ecdsa (0x80208e180) debug2: key: /root/.ssh/id_ed25519 (0x80208e040) debug1: SSH2_MSG_EXT_INFO received debug1: Fssh_kex_input_ext_info: server-sig-algs=<rsa-sha2-256,rsa-sha2-512> debug2: service_accept: ssh-userauth debug1: SSH2_MSG_SERVICE_ACCEPT received Then there is a long delay (~18s) after which the pre login text appears !Warning!! - Any deliberate attempt to access this resource without legitimate authorization is a criminal offence (R.S.C. 1985, c. C-46 - Section 342.1). debug1: Authentications that can continue: publickey,keyboard-interactive debug1: Next authentication method: publickey debug1: Offering RSA public key: /root/.ssh/id_rsa debug2: we sent a publickey packet, wait for reply debug1: Server accepts key: pkalg rsa-sha2-512 blen 535 debug2: input_userauth_pk_ok: fp SHA256:cJBXJBwve7zD8D1AM24vWsFYwrhz68ntuYbEiaxLp94 Then another delay of approximately 13s before the login prompt appears. Connecting to that jail's host exhibits no delay whatsoever. The uptime counts on both the jail and the host are similar. Jail: 4:08PM up 15 days, 5:25, 1 users, load averages: 0.28, 0.43, 0.41 Host: 4:09PM up 15 days, 5:26, 2 users, load averages: 0.32, 0.42, 0.41 What is the reason for the dependency in the connection times? How is it fixed? -- *** e-Mail is NOT a SECURE channel *** Do NOT transmit sensitive data via e-Mail Do NOT open attachments nor follow links sent by e-Mail James B. Byrne mailto:ByrneJB@Harte-Lyne.ca Harte & Lyne Limited http://www.harte-lyne.ca 9 Brockley Drive vox: +1 905 561 1241 Hamilton, Ontario fax: +1 905 561 0757 Canada L8E 3C3
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?b09a213c9018244d79763c7d65e98e1c.squirrel>