ssh very slow

[jaha79]

Hallo,

we have some shell script that uses remsh and rcp and we want to replace them with ssh and scp. It works fine but it takes a lot of time.
A &quot;remsh <ip> ls&quot; needs 0.1 seconds and a &quot;ssh <ip> ls&quot; needs 3.4 seconds.

How can I improve the speed?

(sshd runs as a own deamon!)

 

[ShawnH9980]

If you haven't fixed this yet here is what we had to do.
We are using the OpenSSH from HPs site if yours is different then this might not apply.
cd /etc/opt/ssh
vi ssh_prng_cmds
find the df and df -i commands and comment them out.

In our case we have many filesystems and the df commands were taking the time. In talking with HP doing this doesn't seem to create any issues.

 

[Gothmolly]

Ensure that a reverse lookup for the host which is doing the remsh and ssh commands exists, either in /etc/hosts or in your DNS. Or configure your destination SSH server NOT to do DNS lookups.

 

[clonea]

Looks like ssh_prng_cmds provides encryption capability. It probably takes 3.5 seconds to run the commands. That's better than 30 seconds (which is what I have).

ssh_prng_cmds is under etc subdirectory of X. Where X is the location of ssh. My ssh is installed at /opt/openssh2. HP has a depot version that installs to /opt/ssh. Commenting out the df commands in this ssh_prng_cmds file did not make anything faster for me. But I figured ssh is running these commands to make the randomness. So maybe df is not the command that's slowing my stuff down. It's not. It's &quot;netstat -ia&quot;. Why? Because my server's reponse on this command is a lot longer than other boxes. I commented out that line. The delay reduced from 30 seconds to 3 seconds. That's good enough for me.

Now before you complain about 3 seconds being long, remember you are getting encrypted transmissions with it. You lose 3 seconds. You gain MUCH more security than by using rsh.
clonea