On Wed 12 Jul 2023, at 18:29, Gareth Evans <donots...@fastmail.fm> wrote:
>> On 12 Jul 2023, at 15:12, David Mehler <dave.meh...@gmail.com> wrote: >> [sshd login takes a long time] > [...] > Does > > ssh -vvv ... > > (at client) shed any light? Replying to an off-list message from David in which he stated ssh -vvv waits after > debug1: Entering interactive session. > debug1: pledge: network The same symptoms appear in an answer to https://superuser.com/questions/166359/why-is-my-ssh-login-slow which includes various solutions, some more permanent/apparently likely to help you than others. Just out of interest, is the su command (on the ssh server machine) also affected by authentication delays? This apparently suggests a PAM issue. If you start a new ssh server on a different port and enable debugging: $ sudo /usr/sbin/sshd -ddd -p1234 then at what point does it hang when you ssh from the other machine? Don't forget to specify target port (with -p1234) If PAM-related, then answers at the above link suggest: 1. "I found that PAM was reading the file /var/log/btmp, which had become huge as a result of people trying to brute-force my server. This was leading to login times of a minute. Clearing this file solved the problem." 2. "I noticed that when I change UsePAM yes to UsePAM no then this issue is resolved." There may be security (or other) issues with (2). To avoid the risk of locking yourself out of VPS I would Copy /etc/ssh/sshd_config elsewhere Amend the copy to include UsePAM no $ sudo /var/sbin/sshd -f /path/to/sshd_config_copy -ddd -p1235 (NB use new port number if previous command still running) then see if you can ssh to it. If the issue is not solved by either of the above, please give any sshd debug output that seems relevant for a few lines before/after the wait. To view the systemd journal, see man journalctl You may however like to install rsyslog to get /var/log/syslog back. Not sure if it's retro-active though. HTH Gareth
