Problems with SSH and Subversion over SSH/HTTPS

[Micah R Ledbetter]

Hello, all.

I'm having a couple of problems that I can't get to the bottom of. I'm  
using a FreeBSD 7.1-RELEASE-p2 server running on AMD64, serving ssh  
and https, with various Mac OS X and Windows clients. I have recently  
come to wonder if these problems (described below) are related to SSL  
somehow, or perhaps /dev/random. If there's any tuning I could do  
along those lines, or if anyone has any other tips at all that could  
improve this situation, I'd very much love to hear them.



1) Paging through a lot of text over SSH is very slow.

If I compile a large program, or cat a large text file, or even use  
less to page through 8-10 pages of text, ssh becomes very slow.  
Sometimes I can wait it out, and let it catch up after a half minute  
or so, but sometimes I just have to kill ssh and reconnect.


This is notable to me because when I was running other operating  
systems on the same box (Solaris 10 and Linux, at various points in  
the past), which I could of course make my connection fail if I ran  
pathological tests, the difference was like night and day. Now, if I  
cat a file which turns out to be bigger than I expect, typing ^C  
several times - even if I do so just a couple of seconds after I start  
the cat - tends to cancel the cat only rarely... the buffer is so far  
behind that it can't process my input until it catches up, which it  
can't do and I have to end up killing the connection. This is much  
different than my experience with other operating systems.


This happens when I'm using OpenSSH 5.1p1 on my Mac, and when I'm  
using any of several recent versions of PuTTY on the various Windows  
machines.


Oddly, I can get decent speed when copying large files over sftp or  
scp - I haven't done any benchmarks, but it's in line with normal  
network speed for a 100mbps network.



2) SVN over both svn+ssh:// and https:// is also very slow

The repository in question is only three revisions old, and the whole  
repo is less than 200K. All of the files are plain text.


If I check this repo out, via either svn+ssh, or https, using the  
command line client installed on my Mac (which happens to be...  
Subversion 1.5.1), it takes two or three minutes over a perfectly fast  
Internet connection. If I use TortoiseSVN on a Windows machine, it  
takes so long that TSVN times out and says it can't complete the  
transaction. (Using a command-line SVN client on Windows seems to  
produce similar results to the command line client on my Mac).


If I type in the https:// URL for the subversion repository in a web  
browser, and click on individual text files, it displays them much  
more slowly (taking several seconds for a file only a few KB large)  
than I would expect as well.


I have tried this with Subversion version 1.5.1 and 1.6.0, compiled  
from ports, on the FreeBSD server, with no change.



When this is happening, load remains at near 0.00 on the FreeBSD  
server. The network connection is plenty fast, as previously  
mentioned, and the behavior is the same whether I'm connecting over  
the Internet (the FreeBSD box has a 16mbps/2mbps link) or the 100mbps  
local LAN.


For the record: I *have* compiled my own kernel, but its configuration  
differs only from the GENERIC kernel in my appending of the following  
options:



options IPFIREWALL
options IPDIVERT
options GEOM_MIRROR


If necessary, I can test with the GENERIC kernel again.

I have not changed the kern.random parameters, but here they are for  
the sake of completeness. They are in line with the defaults, at least  
as far as i can tell from random(4).



# sysctl kern.random
kern.random.yarrow.gengateinterval: 10
kern.random.yarrow.bins: 10
kern.random.yarrow.fastthresh: 192
kern.random.yarrow.slowthresh: 256
kern.random.yarrow.slowoverthresh: 2
kern.random.sys.seeded: 1
kern.random.sys.harvest.ethernet: 1
kern.random.sys.harvest.point_to_point: 1
kern.random.sys.harvest.interrupt: 1
kern.random.sys.harvest.swi: 0



I very much thank anyone for any help they can provide.

 - Micah
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

Re: Problems with SSH and Realtek driver

[Lowell Gilbert]

"Alexander Schlichting" <[EMAIL PROTECTED]> writes:

>  
>
> I had a problem with the sshd disconnecting incoming connections after a few
> seconds of inactivity. I tried a lot and found no solution for this so I
> ended up with trying the latest driver from here :
> http://www.realtek.com.tw/downloads/downloadsView.aspx?Langid=1
>  d=4&Level=5&Conn=4&DownTypeID=3&GetDown=false&Downloads=true>
> &PNid=13&PFid=4&Level=5&Conn=4&DownTypeID=3&GetDown=false&Downloads=true
> and since the driver is from mid November last year I did not expect it to
> be any better. I actually expected FreeBSD to have that driver with the
> kernel but it seems like it's not. After installing this driver all my
> problems are gone. The problem is I have to install 4 servers with the same
> Realtek NIC. What would be the best way to do this and to compile the driver
> static with the kernel. I would like to avoid loading it as a module for
> every server. Does a snapshot release maybe have the latest Realtek driver ?

That depends a bit on exactly which RealTek hardware you have.  
However, the drivers have undergone continuous development, so your
results are likely to be better with more recent FreeBSD code.

An examination of the code with that version and the one it was based
on could tell you what the changes were that RealTek made.  Then you
could see if those changes have made it into the latest version.

Good luck.
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Problems with SSH and Realtek driver

[Alexander Schlichting]

 

I had a problem with the sshd disconnecting incoming connections after a few
seconds of inactivity. I tried a lot and found no solution for this so I
ended up with trying the latest driver from here :
http://www.realtek.com.tw/downloads/downloadsView.aspx?Langid=1

&PNid=13&PFid=4&Level=5&Conn=4&DownTypeID=3&GetDown=false&Downloads=true
and since the driver is from mid November last year I did not expect it to
be any better. I actually expected FreeBSD to have that driver with the
kernel but it seems like it's not. After installing this driver all my
problems are gone. The problem is I have to install 4 servers with the same
Realtek NIC. What would be the best way to do this and to compile the driver
static with the kernel. I would like to avoid loading it as a module for
every server. Does a snapshot release maybe have the latest Realtek driver ?

 

-Alex

 

___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: Problems with ssh

[David Landgren]

Peter Ulrich Kruppa wrote:

Hi!

I can't ssh into one of my machines anymore.
The only possible reason I can think of is that I played around
with it's IP. Does it have to be reset somehow?
Delete any references to it in ~/.ssh/known_hosts on any machine from 
which you wish to connect to the machine in question.

Also, try ssh -v ... to see why/when it fails.

David

___
[EMAIL PROTECTED] mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Problems with ssh

[Peter Ulrich Kruppa]

Hi!

I can't ssh into one of my machines anymore.
The only possible reason I can think of is that I played around
with it's IP. Does it have to be reset somehow?


Regards,

Uli.


+---+
|Peter Ulrich Kruppa|
| Wuppertal |
|  Germany  |
+---+
___
[EMAIL PROTECTED] mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

RE: problems with SSH/DSA authentication

[Bsd Neophyte]

--- Ronald Clark <[EMAIL PROTECTED]> wrote:
> Permissions. Start there by issuing the command chmod -R 0600
> . 

i've done this.

> Also, how is your key pasted into authorized_keys2? If you did the key
> block, I have had some trouble in the past getting that to work. So take
> the
> public key string from puttygen and paste it or cat it into the
> authorized_keys2 and try again.

i saved it directly using puttygen's saving feature... and i tried cutting
and pasting.  still no luck.
 
> 
> If worse comes to worse, kill the sshd service and manually restart it
> with
> the -d option and watch the screen on the FreeBSD box while you try to
> come
> in. It will usually spell out the problem. 

i did this as well... but the output is too cryptic fo me to figure out. 
you mind taking a look at the output?



__
Do you Yahoo!?
Yahoo! Tax Center - forms, calculators, tips, more
http://taxes.yahoo.com/

To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-questions" in the body of the message

problems with SSH/DSA authentication

[Bsd Neophyte]

i want to get a makeshift eToken system working.

i use putty to access my freebsd machine.  i also used puttygen to create
a DSA keypair.

i coped the public key onto ~/.ssh/authorized_keys2 and the private on to
the usb flash device under id_dsa.

when i point putty to the private keypair, i get the following error:

"Server refused our key"

any clues how to sort this out?



__
Do you Yahoo!?
Yahoo! Tax Center - forms, calculators, tips, more
http://taxes.yahoo.com/

To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-questions" in the body of the message