Submit Hint Search The Forums LinksStatsPollsHeadlinesRSS
14,000 hints and counting!

Click here to return to the 'A possible fix for slow SSH connections' hint
The following comments are owned by whoever posted them. This site is not responsible for what they say.
A possible fix for slow SSH connections
Authored by: rhodium on May 11, '05 01:03:10PM
After reading through this trying various 'fixes' I said the hell with it (figured apple was playing with more authentication methods than I needed [i.e. rsa/dsa auth only please]) and recompiled ssh. Worked like a charm - ssh is BACK!!

FWIW, I couldn't seem to get
 UseDNS no 
VerfiyReverseMapping no
on the server to effect anything from a Mac client. It does work on with other *NIX clients though. I actually believe the client was forcing it, and there isn't any client option to disable it.. This combined with a ton of GSAPI authentication methods was more overhead than I wanted to incur.

Here's what I did:
From a Terminal

> curl -O  
> tar zxpvf openssh-4.0p1.tar.gz
> cd openssh-4.0p1 
# Now I don't want to replace the existing binaries - I want new versions.. 
# There may be a good reason for the old one so I'll keep the existing ones
# I just want a faster ssh..
> ./configure --prefix=/usr/local --sysconfdir=/etc 

This should result in a configuration that looks like this

OpenSSH has been configured with the following options:
                     User binaries: /usr/local/bin
                   System binaries: /usr/local/sbin
               Configuration files: /etc
                   Askpass program: /usr/local/libexec/ssh-askpass
                      Manual pages: /usr/local/man/manX
                          PID file: /var/run
  Privilege separation chroot path: /var/empty
            sshd default user PATH: /usr/bin:/bin:/usr/sbin:/sbin:/usr/local/bin
                    Manpage format: doc
                       PAM support: no
                 KerberosV support: no
                 Smartcard support: no
                     S/KEY support: no
              TCP Wrappers support: no
              MD5 password support: no
                   libedit support: no
       IP address in $DISPLAY hack: no
           Translate v4 in v6 hack: no
                  BSD Auth support: no
              Random number source: OpenSSL internal ONLY

              Host: powerpc-apple-darwin8.0.0
          Compiler: gcc
    Compiler flags: -g -O2 -Wall -Wpointer-arith -Wno-uninitialized
Preprocessor flags: 
      Linker flags: 
         Libraries:   -lcrypto -lz 
Then just make and your off and running..

> make
# move our existing configurations over..
> sudo mv /etc/ssh_config /etc/ssh_config.old
> sudo mv /etc/sshd_config /etc/sshd_config.old
> sudo make install
Then test it using the old method first....

> time /usr/bin/ssh <some local machine> date 
/usr/bin/ssh <some local machine> date  0.10s user 0.07s system 1% cpu 8.890 total
Now let's try our new ssh..

> time /usr/local/bin/ssh <some local machine> date
/usr/local/bin/ssh <some local machine> date  0.03s user 0.04s system 12% cpu 0.582 total
Rock on!!

[ Reply to This | # ]
A possible fix for slow SSH connections
Authored by: rhodium on May 11, '05 01:19:51PM
I added a few more things..

First, fix /usr/sbin directory..

cd /usr/sbin 
sudo mv sshd sshd.old
ln -s /usr/local/sbin/sshd .
Then fix the /usr/bin directory..

cd /usr/bin
sudo mv ssh-keyscan ssh-keyscan.old
sudo mv ssh-keygen ssh-keygen.old
sudo mv ssh-agent ssh-agent.old
sudo mv ssh-add ssh-add.old
sudo mv ssh ssh.old
sudo mv scp scp.old
sudo mv sftp sftp.old
sudo ln -s /usr/local/bin/ssh* .
sudo ln -s /usr/local/bin/scp .
sudo ln -s /usr/local/bin/sftp .
Then you're all set..

[ Reply to This | # ]
A possible fix for slow SSH connections
Authored by: name99 on May 27, '05 10:49:35PM
There is a very important PROBLEM with the above hint. While it appears great (and, for the most part works) DO NOT, REPEAT, DO NOT enter the lines

   cd /usr/sbin 
   sudo mv sshd sshd.old
   ln -s /usr/local/sbin/sshd .

The idea behind these lines is that we replace the built-in ssh server with the newly built one. Unfortunately, while the newly built ssh server is probably faster than the old one, it suffers from the grievous defect of not working. Who knows what's going on inside it, but it now rejects any passwords it is given. The new server does not work with either the old Apple client or the newly built client. So the bottom line with this hint is: (1) Download as above, but check for versions. openssh-4.1p1.tar.gz has just been released, rather than the 4.0p1 of the hint. (2) Config, build, install just like above. (3) Do NOT set up the server links as suggested. Continue to use the Apple supplied /usr/sbin/sshd. (4) Do set up all the links to change the /usr/bin client apps.

[ Reply to This | # ]
A possible fix for slow SSH connections
Authored by: Sefu on Aug 30, '08 04:48:35AM

...your suggestion just turns the new ssh installation off.

I also have the same problem though with refused passwords - I think the problem with this configuration lies with the old public/private key pairs remaining in a directory also in OpenSSH's file path directive - I will try to remove these come Monday, and let you know the results.

If anyone has found another solution (especially if the above is not it), then do please let us know. Thanks!

[ Reply to This | # ]
A possible fix for slow SSH connections
Authored by: Sefu on Aug 31, '08 01:12:59AM

I noticed that there is no instruction here to change the 'startup items' sshd to the new one... still looking for possible reasons this is not working. Again, any input would be very helpful. Cheers.

[ Reply to This | # ]