• Skip to primary navigation
  • Skip to main content
  • Skip to primary sidebar
  • Skip to footer navigation

The Geek Diary

  • OS
    • Linux
    • CentOS/RHEL
    • Solaris
    • Oracle Linux
    • VCS
  • Interview Questions
  • Database
    • oracle
    • oracle 12c
    • ASM
    • mysql
    • MariaDB
  • DevOps
    • Docker
    • Shell Scripting
  • Big Data
    • Hadoop
    • Cloudera
    • Hortonworks HDP

Slow SSH login due to unreachable rsyslog server

by admin

The problem

We faced this weired issue last week, where the SSH to the servers was too slow. SSH to the Linux servers was taking long time around 30 seconds to 1 minute. SSH got stuck at the below prompt and no option to enter password for 30 seconds and password prompt was displayed but nothing goes further after entering the password.

# ssh -vvv [server_ip_address]
OpenSSH_5.3p1, OpenSSL 1.0.1e-fips 11 Feb 2013
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Applying options for *
debug3: cipher ok: arcfour [arcfour,aes128-ctr,aes192-ctr,aes256-ctr]
debug3: cipher ok: aes128-ctr [arcfour,aes128-ctr,aes192-ctr,aes256-ctr]
debug3: cipher ok: aes192-ctr [arcfour,aes128-ctr,aes192-ctr,aes256-ctr]
debug3: cipher ok: aes256-ctr [arcfour,aes128-ctr,aes192-ctr,aes256-ctr]
debug3: ciphers ok: [arcfour,aes128-ctr,aes192-ctr,aes256-ctr]
debug2: mac_setup: found hmac-sha1
debug3: mac ok: hmac-sha1 [hmac-sha1]
debug3: macs ok: [hmac-sha1]
...
debug1: Found key in /root/.ssh/known_hosts:36
debug2: bits set: 1063/2048
debug1: ssh_rsa_verify: signature correct
debug2: kex_derive_keys
debug2: set_newkeys: mode 1
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug3: Wrote 16 bytes for a total of 813
debug2: set_newkeys: mode 0
debug1: SSH2_MSG_NEWKEYS received
debug1: SSH2_MSG_SERVICE_REQUEST sent
debug3: Wrote 52 bytes for a total of 865
debug2: service_accept: ssh-userauth
debug1: SSH2_MSG_SERVICE_ACCEPT received

The Solution

SSH login to a linux server may get delayed or slow if you have a wrong rsyslog server entry or unreachable rsyslog server defined in the configuration file /etc/rsyslog.conf. To resolve the issue make sure rsyslog server is always reachable from the rsyslog clients. Or else as a workaround edit the rsyslog config file /etc/rsyslog.conf on the client side and comment out all the references related to rsyslog.

1. For example edit the file /etc/rsyslog.conf and comment out below three lines.

# vi /etc/rsyslog.conf
#*.* @@xxx.xxx.xxx.xxx:514
#daemon.*;daemon.!info /var/log/messages
#local0.info /var/log/asmaudit.log

2. Restart rsyslog service.

# service rsyslog restart        # CentOS/RHEL 6
# systemctl restart rsyslog      # CentOS/RHEL 7
Note: rsyslog service needs to be restarted in-case of any changes to rsyslog config file.

Conclusion

sshd service will trying to log the login attempts and other informative logs to syslog files but if there is load on system, or some issue with syslog service during that time then this delays the connections till the request is timed out. This can be worked around by either resolving the connectivity issue with rsyslog server or by commenting out the lines referencing the unreachable rsyslog server.

Filed Under: CentOS/RHEL 6, CentOS/RHEL 7, Linux

Some more articles you might also be interested in …

  1. Examples of creating command alias in different shells
  2. RedHat / CentOS : Managing software RAID with mdadm
  3. Understanding The /etc/sysconfig Directory
  4. jpegoptim for image optimization
  5. cpio command – copies, lists & extracts files to and from archives
  6. pwdx Command Examples in Linux
  7. CentOS / RHEL : Managing password ageing for users using chage (with practical Examples)
  8. Unable to Run X Applications Through SSH in Linux
  9. Red Hat / CentOS : How to create interface / NIC bonding
  10. UNIX/Linux : Access control lists (ACLs) basics

You May Also Like

Primary Sidebar

Recent Posts

  • JavaFX ComboBox: Set a value to the combo box
  • Nginx load balancing
  • nginx 504 gateway time-out
  • Images preview with ngx_http_image_filter_module

© 2022 · The Geek Diary

  • Archives
  • Contact Us
  • Copyright