[Bug 416264] Re: ssh client pauses during GSS negotiation due to delay on reverse lookup in avahi
So it couldn't be a bug but an expected behavior. I don't know why GSSAPI auth needs reverse lookup but one could argue that you have to set right direct and reverse dns config in order to use SSH. If you haven't it (as in my situation) the problem could be related to you (and me :-)) Obviously you can disable GSSAPI auth (if you have access to SSH server) and, personally, I think it shouldn't enabled by default (even if many distro, as RH, do it). The suggest could be: enable it, by default, in a server distro (Ubuntu Server) and disable it, by default, in the desktop release. -- ssh client pauses during GSS negotiation due to delay on reverse lookup in avahi https://bugs.launchpad.net/bugs/416264 You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to openssh in ubuntu. -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 84899] Re: SSH with GSSAPIAuthentication option on SSH servers are very slow
I think the bug description is not very clear: there are situations in which disabling GSSAPIAuthentication on server side fix the issue (maybe because of DNS doesn't have a reverse resolution, as in my situation fixed just putting GSSAPIAuthentication to off on a server that doesn't have a reserve resolution as it has a prive IP ) and other not (as you can read from most comments). -- SSH with GSSAPIAuthentication option on SSH servers are very slow https://bugs.launchpad.net/bugs/84899 You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to openssh in ubuntu. -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 416264] Re: ssh -v reports debug1 - unspecified gss failure. minor code may provide more information
Excuse me Chuck but the problem is clear. When you do ssh -v SERVER.DOMAIN you obtain an output similar to the following: OpenSSH_4.7p1 Debian-8ubuntu1.2, OpenSSL 0.9.8g 19 Oct 2007 debug1: Reading configuration data /etc/ssh/ssh_config debug1: Applying options for * debug1: Connecting to wall [141.250.199.62] port 22. debug1: Connection established. debug1: identity file /home/marcop/.ssh/identity type -1 debug1: identity file /home/marcop/.ssh/id_rsa type -1 debug1: identity file /home/marcop/.ssh/id_dsa type -1 debug1: Remote protocol version 2.0, remote software version OpenSSH_3.9p1 debug1: match: OpenSSH_3.9p1 pat OpenSSH_3.* debug1: Enabling compatibility mode for protocol 2.0 debug1: Local version string SSH-2.0-OpenSSH_4.7p1 Debian-8ubuntu1.2 debug1: SSH2_MSG_KEXINIT sent debug1: SSH2_MSG_KEXINIT received debug1: kex: server-client aes128-cbc hmac-md5 none debug1: kex: client-server aes128-cbc hmac-md5 none debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(102410248192) sent debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP debug1: SSH2_MSG_KEX_DH_GEX_INIT sent debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY debug1: Host 'wall' is known and matches the RSA host key. debug1: Found key in /home/marcop/.ssh/known_hosts:87 debug1: ssh_rsa_verify: signature correct debug1: SSH2_MSG_NEWKEYS sent debug1: expecting SSH2_MSG_NEWKEYS debug1: SSH2_MSG_NEWKEYS received debug1: SSH2_MSG_SERVICE_REQUEST sent debug1: SSH2_MSG_SERVICE_ACCEPT received debug1: Authentications that can continue: publickey,gssapi-with-mic,password debug1: Next authentication method: gssapi-with-mic debug1: Unspecified GSS failure. Minor code may provide more information No credentials cache found debug1: Unspecified GSS failure. Minor code may provide more information No credentials cache found debug1: Unspecified GSS failure. Minor code may provide more information debug1: Next authentication method: publickey debug1: Trying private key: /home/marcop/.ssh/identity debug1: Trying private key: /home/marcop/.ssh/id_rsa debug1: Trying private key: /home/marcop/.ssh/id_dsa debug1: Next authentication method: password There is no crash and no way to report it via apport. I don't know what Unspecified GSS failure means. I have no kerberos system installed in my network (maybe could be this?). However my problem was related to the fact that connecting to a server via ssh, apart from displaying the error indicated above (GSS failure), it took to long. I found that the problem was related to the fact that GSSAPIAuthentication was on by default on ssh server and the server had no reverse dns IP (it has a private address). Disabling GSSAPIAuthentication fixed the issue for me. I obtain the same error (GSS failure) also connecting to other server that have correct DNS config and GSSAPIAuthentication enabled but in these servers I don't realize about the error because of there is no delay in the connection (thanks to right DNS direct and reverse loookup). I say again that I don't know GSSAPI so if the error could be related to the fact that I have no kerberos system we could mark the bug as invalid or similar. -- ssh -v reports debug1 - unspecified gss failure. minor code may provide more information https://bugs.launchpad.net/bugs/416264 You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to openssh in ubuntu. -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 416264] [NEW] ssh -v reports debug1 - unspecified gss failure. minor code may provide more information
Public bug reported: When I try to connect to an ssh server (with ssh -v) I always have (my system is an Ubuntu 8.04): debug1: Next authentication method: gssapi-with-mic debug1: Unspecified GSS failure. Minor code may provide more information No credentials cache found debug1: Unspecified GSS failure. Minor code may provide more information No credentials cache found debug1: Unspecified GSS failure. Minor code may provide more information debug1: Next authentication method: publickey The fact is that on many servers the establishment of ssh connection is very slow because of this issue. ** Affects: openssh (Ubuntu) Importance: Undecided Status: New -- ssh -v reports debug1 - unspecified gss failure. minor code may provide more information https://bugs.launchpad.net/bugs/416264 You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to openssh in ubuntu. -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 245493] Re: sharing a folder reports permission issues in Hardy Heron (32 bit)
mcas, I think the behavoir I described about the folder sharing is a real bug or, however, there is a bug in the steps that bring to make a share as an unexperienced user couldn't create a share the first time (as Ubuntu didn't tell to him to restart X or the system as whole) and he should spent much time to find a reason to solve the problem (maybe if he came from Windows he should try to reboot anyway :-) I think that, until to find a better solution, proposing a restart (like the system already do in the notification bar after installing new kernels) could be an immediate, functionally, and maybe simple to implement, solution to solve this bug. -- sharing a folder reports permission issues in Hardy Heron (32 bit) https://bugs.launchpad.net/bugs/245493 You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to samba in ubuntu. -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 245493] Re: sharing a folder reports permission issues in Hardy Heron (32 bit)
For the reason I explained in my previous post I think it's wrong to mark the bug as invalid. -- sharing a folder reports permission issues in Hardy Heron (32 bit) https://bugs.launchpad.net/bugs/245493 You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to samba in ubuntu. -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
