RE: [Ssh-sftp-perl-users] SSH Connections have 15-second Latency

SourceForge Headquarters 225 Broadway Suite 1600 San Diego, CA 92101 +1 (858) 422-6466

Thanks to David Funk for providing this as a fix to the list earlier. 

I installed IO::Handle 

Then installed Math::BigInt::GMP 

I installed these and my latency problems went away. 

You can also try the new Net::SSH2 module which is supposed to be quite
fast. I'm just starting to test it for some of my jobs.

  _____  

From: ssh...@li...
[mailto:ssh...@li...] On Behalf Of Rhugga
Harper
Sent: Saturday, November 05, 2005 2:38 PM
To: SSH-Perl List
Subject: [Ssh-sftp-perl-users] SSH Connections have 15-second Latency

Hey All,

I am using Net::SSH::Perl 1.29 on a Red Hat AS3 U4 system. (This is perl,
v5.8.0 built for i386-linux-thread-multi) When making a simple connection to
several host systems there is a 15-second latency during the connection. I
have played with different ciphers and etc... 

This might be related to a problem I found using just plain ssh in a bash
shell. When I connect with X11Forwading enabled, there is about a 5 second
pause here:

ssh -X -v -v myhost uptime

debug1: read PEM private key done: type DSA
debug1: Authentication succeeded (publickey).
debug1: channel 0: new [client-session]
debug2: channel 0: send open
debug1: Entering interactive session.
debug2: callback start 
debug2: x11_get_proto: /usr/bin/X11/xauth -f /tmp/ssh-DFJeCM7583/xauthfile
generate unix:22.0 MIT-MAGIC-COOKIE-1 untrusted timeout 1200 2>/dev/null

After I see this line displayed on the console, it hangs for about 5
seconds. The next line displayed is this:

debug2: x11_get_proto: /usr/bin/X11/xauth -f /tmp/ssh-DFJeCM7583/xauthfile
list unix:22.0 . 2>/dev/null

Using 'ssh -x -v -v myhost uptime' the connection is sub-second.

So, I created a /root/.ssh/config file and disabled all X11 stuff and the
Agent forwarding as well, however, I get a latency when connecting. (Its
longer than I get from the command line test)

Here is the debug 2 output: (you should be able to glean all relevant SSH
versions from this output)

[root@adcinfops02 admin]# ./test.pl
adcinfops02: Reading configuration data /root/.ssh/config
adcinfops02: Reading configuration data /etc/ssh_config
adcinfops02: Allocated local port 1023.
adcinfops02: Connecting to adcbkp1, port 22. 
adcinfops02: Remote protocol version 2.0, remote software version
OpenSSH_3.8.1p1
adcinfops02: Net::SSH::Perl Version 1.29, protocol version 2.0.
adcinfops02: No compat match: OpenSSH_3.8.1p1.
adcinfops02: Connection established. 
adcinfops02: Sent key-exchange init (KEXINIT), wait response.
adcinfops02: Algorithms, c->s: 3des-cbc hmac-sha1 none
adcinfops02: Algorithms, s->c: 3des-cbc hmac-sha1 none

IT FIRST HANGS HERE FOR ABOUT 5 SECONDS

adcinfops02: Entering Diffie-Hellman Group 1 key exchange.
adcinfops02: Sent DH public key, waiting for reply.
adcinfops02: Received host key, type 'ssh-dss'.
adcinfops02: Host 'adcbkp1' is known and matches the host key. 
adcinfops02: Computing shared secret key.

IT HANGS HERE FOR ABOUT 5 SECONDS

adcinfops02: Verifying server signature.

IT HANGS HERE FOR ABOUT 3 SECONDS

adcinfops02: Waiting for NEWKEYS message.
adcinfops02: Enabling incoming encryption/MAC/compression.
adcinfops02: Send NEWKEYS, enable outgoing encryption/MAC/compression.
adcinfops02: Sending request for user-authentication service. 
adcinfops02: Service accepted: ssh-userauth.
adcinfops02: Trying empty user-authentication request.
adcinfops02: Authentication methods that can continue:
publickey,password,keyboard-interactive.
adcinfops02: Next method to try is publickey. 
adcinfops02: Trying pubkey authentication with key file '/root/.ssh/id_dsa'
adcinfops02: Login completed, opening dummy shell channel.
adcinfops02: channel 0: new [client-session]
adcinfops02: Requesting channel_open for channel 0. 
adcinfops02: channel 0: open confirm rwindow 0 rmax 32768
adcinfops02: Got channel open confirmation, requesting shell.
adcinfops02: Requesting service shell on channel 0.
adcinfops02: channel 1: new [client-session] 
adcinfops02: Requesting channel_open for channel 1.
adcinfops02: Entering interactive session.
adcinfops02: Sending command: uptime
adcinfops02: Requesting service exec on channel 1.
adcinfops02: channel 1: open confirm rwindow 0 rmax 32768 
adcinfops02: channel 1: rcvd eof
adcinfops02: channel 1: output open -> drain
adcinfops02: channel 1: obuf empty
adcinfops02: channel 1: output drain -> closed
adcinfops02: channel 1: close_write 
adcinfops02: input_channel_request: rtype exit-status reply 0
adcinfops02: channel 1: rcvd close
adcinfops02: channel 1: input open -> closed
adcinfops02: channel 1: close_read
adcinfops02: channel 1: send close 
adcinfops02: channel 1: full closed
  1:27pm  up 17 day(s),  8:22,  4 users,  load average: 1.77, 2.48, 2.31

exit=0
adcinfops02: channel 2: new [client-session]
adcinfops02: Requesting channel_open for channel 2.
adcinfops02: Entering interactive session.
adcinfops02: Sending command: date
adcinfops02: Requesting service exec on channel 2. 
adcinfops02: channel 2: open confirm rwindow 0 rmax 32768
adcinfops02: channel 2: rcvd eof
adcinfops02: channel 2: output open -> drain
adcinfops02: input_channel_request: rtype exit-status reply 0
adcinfops02: channel 2: rcvd close 
adcinfops02: channel 2: input open -> closed
adcinfops02: channel 2: close_read
adcinfops02: channel 2: obuf empty
adcinfops02: channel 2: output drain -> closed
adcinfops02: channel 2: close_write
adcinfops02: channel 2: send close
adcinfops02: channel 2: full closed
Sat Nov  5 13:27:08 PST 2005

exit=0

The code used for the second example above is as follows:

#!/usr/bin/perl

use Net::SSH::Perl;

my %ssh_config =        (
                        "ForwardAgent"          => "no",
                        "ForwardX11"            => "no",
                        "ForwardX11Trusted"     => "no", 
                        "Protocol"              => "2"
                        );

my $ssh = Net::SSH::Perl->new("adcbkp1", debug => 2);

$ssh->login();

my ($stdout, $stderr, $exit) = $ssh->cmd('uptime'); 
print STDOUT "$stdout\n";
print STDOUT "exit=$exit\n";

my ($stdout, $stderr, $exit) = $ssh->cmd('date');
print STDOUT "$stdout\n";
print STDOUT "exit=$exit\n";
exit 0;

Anyone have any ideas??? I need to use this module to monitor hundreds of
hosts but a 15+ second latency will not work for us.

Thanks for any help,

CC