« My Joost Beta Experie… | Home | This computer cannot … »

OSX, ssh, FreeBSD, login delays and a glass of red wine

I won’t bore the lot of you that could give two cents for what information I am about to offer. It’s extremely geeky, but it sucked up my entire evening of what could have been a productive night. To allow the rest of you having this problem to enjoy a productive and happy evening without banging your head against a wall, I’m sharing my solution to this annoying problem.

Don’t wanna read my blatherings? Add this to your ~/.ssh/config:

Voila, no more delays. No server config changes either. Hope you don’t have to use Kerberos!

Read on to see how I got to this solution.

So a new hosting company set up two fresh from ISO FreeBSD 6.2 installs and enabled sshd for me. Using my trusty MacBook Pro running OSX 10.4.9, I attempted to connect to my brand-spanking new servers. When I ssh‘ed to the boxes, there was a 30-60 second delay before I got the password: prompt. Believing it to be the standard reverse DNS problem, I mucked with the nameserver entries in /etc/resolv.conf, but to no avail. I started playing around with __ UseDNS yes or no __ settings in the /etc/ssh/sshd_config, but still no luck. It’s starting to piss me off, and my red wine levels are dwindling.

I google, I yahoo, I search mailing lists on FreeBSD.org and the MacOSXhints.com Forums but I still fail at finding the issue. I can see the problem:

I make an educated guess that it is something Kerberos-related, so I disable anything Kerberos related in my servers sshd_config, but that doesn’t help. So I keep searching. Finally I discuss the issue with my genius geek friend Jay and he says he’s having the same problem, but had given up trying to solve it.

“well – I’ve given up… I tried for a couple hours and then said ‘screw it, nobody’s paying me for this.’ and that was pretty much that.” – Jay Kuri

Jay did mention something about Kerberos, which I had tried and seen mentioned with the whole “credentials” thing, but passed over when I tried disabling it on the server. I finally came across this blog entry and it suggested to add some GSSAPI config vars to your sshd_config. Well I already tried that, but, hey, let’s throw them in the /etc/ssh_config on my OS X MBP.

Poof! No more delays. All I added to my ~/.ssh/config was:

Stupid, stupid OpenSSH sucked 2 hours of my life. Damnit.