Submit Hint Search The Forums LinksStatsPollsHeadlinesRSS
14,000 hints and counting!

Remove a 15-second delay when connecting via FTP OS X Server
For a while now, I've ignored a 15-second (approximately) delay when connecting to an OS X Server (10.3) FTP server (xftpd). The delay was occurring after connecting, but before the server prompted for login.

After not finding any solutions in my searches online, I finally resorted to figuring it out myself. It turns out that, by default, the FTP service on OS X Server is configured to attempt to use RFC 931 to identify the user of the connecting client. However, the client is not, by default, configured to support the same functionality.

Fortunately, some digging in the man pages suggested that adding the -I command-line option to the FTP server (in the xinetd configuration) might eliminate the connection delay ... and it did! Included below is the (modified) /etc/xinetd.d/ftp file from my server (the -I option was added to the existing -a on the server_args line).
service ftp
{
        disable = no
        instances       = 100
        socket_type     = stream
        wait            = no
        user            = root
        server          = /usr/libexec/xftpd
        server_args     = -aI
        groups          = yes
        flags           = REUSE
}
With this change, there's no more delay when connecting...
    •    
  • Currently 2.18 / 5
  You rated: 2 / 5 (11 votes cast)
 
[13,326 views]  

Remove a 15-second delay when connecting via FTP | 7 comments | Create New Account
Click here to return to the 'Remove a 15-second delay when connecting via FTP' hint
The following comments are owned by whoever posted them. This site is not responsible for what they say.
Remove a 15-second delay when connecting via FTP
Authored by: Tomnibus on Feb 25, '05 12:33:25PM

I wonder if this would explain the delay with SSH too. I find a long delay when connecting to my XServes via SSH.



[ Reply to This | # ]
Remove a 15-second delay when connecting via FTP
Authored by: jtnt on Feb 25, '05 01:01:07PM

I also experience a few seconds - 5 maybe, not 15 - when connecting to my Xserve via SSH before it prompts for authentication. Could be something similar... Or could it be something related to comparing/searching for keys?

Dunno, cuz I'm not that smart. Anybody out there that can shed light on this for us dummies? (Or should I say, this dummy?)



[ Reply to This | # ]
Remove a 15-second delay when connecting via FTP
Authored by: johnfredra on Feb 25, '05 03:46:03PM

I _think_ this is delay is a built-in security measure: it slows down brute-force password attempts. I'm pretty sure that's why it typically takes a few seconds for a password to get rejected, anyways.



[ Reply to This | # ]
Remove a 15-second delay when connecting via FTP
Authored by: kenahoo on Feb 25, '05 08:44:53PM

One way to troubleshoot the problem when connecting via SSH in the shell is to use the "-v" switch to get some debugging output. Use more v's for more verbosity, up to "-vvv".

You may find that it's trying a few different authentication methods and failing before it finds one that succeeds.

-Ken



[ Reply to This | # ]
Are you sure...
Authored by: TrumpetPower! on Feb 25, '05 04:07:48PM

…that it isn't just timing out on a reverse DNS lookup? I can't remember the last time I had this kind of delay when connecting to a service that wasn't caused by a lack of a reverse DNS entry.

As a quick check, run this from Terminal:

for ip in `ifconfig | awk '/inet / { print $2 }'`; do host ${ip}; done

(For the test to be the most meaningful, you'd have to look up the IPs on the server.)

If you experience a similar delay, and especially if you get something that says, "NXDOMAIN," then the solution is to fix DNS. If you have a publicly-routable IP address that's causing the problem, have a chat with your ISP. If you're using private IPs, considering setting up your own local caching DNS server…and make it authoritative for your local IP range.

Cheers,

b&



[ Reply to This | # ]
Are you sure...
Authored by: sbfaulkner on Feb 25, '05 09:51:56PM

100% sure... both client and server names and addresses resolve both forwards and in reverse.

Also, remember, I said that the -I option fixes the problem... therefore, it is RFC931 related.



[ Reply to This | # ]
Remove a 15-second delay when connecting via FTP
Authored by: garbuck on Oct 11, '08 12:04:12PM

Things have changed under Leopard. To fix this on OS-X 10.5, you need to edit the xftpd.plist:

sudo pico /System/Library/LaunchDaemons/xftpd.plist

Under the ProgramArguments key, change the second string from "-a" to "-aI", and the login prompt delay will disappear.



[ Reply to This | # ]