2

I have recently created and configured an ubuntu server 14.04.3 with the help of the ubuntu-core tools. Networking with IPv4 and IPv6 works fine for me with different clients. But a few days ago, i have noticed that ssh connections are very slow. So input to the terminal and responses from the servers take very long time. It does not matter which system (Ubuntu, Windows(PUTTY)), internet provider or protocol I use. In addition to that, iptables is completely unconfigured (no rules, everything is ACCEPT).

IPTABLESv4

Chain INPUT (policy ACCEPT 86219 packets, 8886K bytes)
 pkts bytes target     prot opt in     out     source               destination         

Chain FORWARD (policy ACCEPT 0 packets, 0 bytes)
 pkts bytes target     prot opt in     out     source               destination         

Chain OUTPUT (policy ACCEPT 76186 packets, 7537K bytes)
 pkts bytes target     prot opt in     out     source               destination

IPTABLESv6

Chain INPUT (policy ACCEPT 11 packets, 960 bytes)
 pkts bytes target     prot opt in     out     source               destination         

Chain FORWARD (policy ACCEPT 0 packets, 0 bytes)
 pkts bytes target     prot opt in     out     source               destination         

Chain OUTPUT (policy ACCEPT 11 packets, 936 bytes)
 pkts bytes target     prot opt in     out     source               destination

SSH Configuration

# SSHD

PidFile /run/sshd/sshd.pid

Port 22
ListenAddress [my ipv6] 
ListenAddress [my ipv4]
Protocol 2

HostKey /etc/ssh/ssh_host_key_rsa
UsePrivilegeSeparation yes

SyslogFacility AUTH
LogLevel INFO

LoginGraceTime 60
PermitRootLogin no
StrictModes yes

PubkeyAuthentication yes
AuthorizedKeysFile %h/.ssh/authorized_keys

IgnoreRhosts yes
HostbasedAuthentication no

PermitEmptyPasswords no
ChallengeResponseAuthentication yes
AuthenticationMethods publickey,keyboard-interactive:pam
PasswordAuthentication no

X11Forwarding yes
X11DisplayOffset 10
PrintMotd no
PrintLastLog no
TCPKeepAlive yes
MaxAuthTries 3
#MaxStartups 10:30:60
Banner /etc/ssh/banner

AcceptEnv LANG LC_*

Subsystem sftp /usr/lib/openssh/sftp-server

UsePAM yes

I am using Google Authenticator, so I need keyboard-interactive and ChallengeResponse. For this I had to add these lines to /etc/pam.d/sshd:

# 2WayAuth
auth required pam_google_authenticator.so

Maybe anyone can solve this situation because it is really annoying to work with and I think it seems that it is a serious problem.

  • Could you check that there is no DNS problem ? Check your logs : they will be interesting too. – Dom Nov 01 '15 at 16:31
  • `UseDNS no` fixed it, thx. :) –  Nov 01 '15 at 16:48
  • `UseDNS no` fixed the reverse error. But if I connect to the server, it is fast and after a few minutes it is very slow. –  Nov 01 '15 at 17:02
  • It's an old post, but you might gain some insight here: http://serverfault.com/questions/35453/what-can-cause-slow-ssh-session (particularly the bits about latency and packet loss) – Brandon Xavier Nov 02 '15 at 00:22

0 Answers0