0

I am currently using ch.ethz.ssh2.Connection to connect to my servers in java. sometimes it hangs on one server.(maybe like 10-15 seconds). I wanted to know what causes this hang time and how to avoid it.

Connection sample

    conn = new ch.ethz.ssh2.Connection(serverName);
    conn.connect();

    boolean isAuthenticated = conn.authenticateWithPassword(user, pass);
    logger.info("Connecting to " + server);

    if (isAuthenticated == false) {
        logger.info(server + " Please check credentials");              
    } 

    sess = conn.openSession();

   // I am connecting to over 200 servers and closing them. What would be the best practice to loop thru all these servers in the minimal time.

//some servers quickly connects, while some takes some time.
why does this happen?
JayC
  • 2,144
  • 8
  • 42
  • 77

2 Answers2

1

The main question is: Is it a code problem, a network problem or a server problem.

A code problem can be debugged - unfortunately ch.ethz.ssh2.Connection does not have any logging possibility to detect what is going inside.

May be you should thing about switching the ssh library (or use it for some tests with the problematic servers). From my experience sshj is very useful.

If it is a network problem or a server problem you can check what is going on via Wireshark. If network packets are sent but the response is delayed the problem is not the used client-side code.

Robert
  • 39,162
  • 17
  • 99
  • 152
  • I am using executor service in my application. But I still have the hang time. I want to know what causes slow servers. Also I have threadpool set to 80, would that pose a threat? – JayC Jun 15 '17 at 15:57
  • With the executor service you showed earlier, How would you shut down the thread if it takes longer than 1000 millisecond? – JayC Jun 15 '17 at 17:51
  • If the connection is delayed or stalled it is the job of the SSH library to quit the connection. Usually you can set the connection time-out and/or a maximum time the command you want to execute can take. If the time-out is reached the library quits the connection and the runnable ends. Furthermore you can monitor the TCP connection and close it from "outside" of the SSH connection - that causes all other actions to fail. – Robert Jun 15 '17 at 19:14
  • I want to kill the thread that is stuck. I did some research some say its not possible, Some say use interrupt(), future() – JayC Jun 15 '17 at 19:16
  • `interrupt()` will only work if the thread is waiting for something or it manually polls `isInterrupted()`. The first may be the case, the latter is usually not used. As I said, when dealing with network connections the most direct approach is to close the connection from outside of the thread. If closing is implemented in a good way it closes the TCP connection and forces the connection to end (and so the thread). – Robert Jun 16 '17 at 16:45
  • try { conn = new ch.ethz.ssh2.Connection(server); if(conn > 30 seconds) {conn.close();} is it possible to write something like this? – JayC Jun 16 '17 at 19:44
0

My psychic debugging powers tell me that the server is doing a DNS lookup on the IP address of each client which connects. These DNS lookups are either taking a long time to complete, or they're failing entirely. The DNS lookup will block the authentication process until it finishes, successfully or not.

If the server is the OpenSSH server, this behavior is controlled by the sshd config "UseDNS" option.

Kenster
  • 23,465
  • 21
  • 80
  • 106