Here is a great explanation of Security vs Privacy. (I had to copy this image to my blog since I didn`t want it to disappear in the future)
Monthly Archives: January 2008
ssh delays on trixbox
I had some ssh problems on my trixbox installations. Each time I try to connect to the trixbox using ssh I had some delay. The classical solution for this is to disable the reverse DNS lookups by changing the line in /etc/ssh/sshd_config to:
UseDNS no
But in this case, this didn`t solve my problem. I ran my connection wth verbosity.
ssh -vvv some.host.com
I had a delay in this step:
debug1: Next authentication method: gssapi-with-mic
debug1: Unspecified GSS failure. Minor code may provide more information
No credentials cache found
debug1: Unspecified GSS failure. Minor code may provide more information
No credentials cache found
debug1: Unspecified GSS failure. Minor code may provide more information
AFAIK, this is related to openssh kerberos authentication. This is something that I really really don`t need. So I disabled in /etc/ssh/sshd_config the lines:
# GSSAPI options
#GSSAPIAuthentication no
#GSSAPIAuthentication yes
#GSSAPICleanupCredentials yes
#GSSAPICleanupCredentials yes
After the restart, there was no delay. Even with the “UseDNS yes”.