[arch-general] Latest openssh - Premier connectivity tool for remote login with the SSH protocol?

Tue Jul 17 14:48:19 UTC 2018

All,

  I have several scripts that perform backup work between six or so machines,
all Arch. The script uses rsync to make approximately 6 connections to each
server and transfer 100 directories from various parts of the filesystem.
After the latest update to openssh 7.7p1-2, the time to connect feels like it
has quadrupled.

  For example, in the past, when the script ran, a connection, check if files
are newer and logout took less than a second. (it's a pilot thing, every time
I'm watching something with an interest in the time is 1-1000, 2-1000, 3-1000,
etc..) Now that 1-sec negotiation, check and logout has ballooned to
4-seconds, e.g.

Jul 17 09:20:24 phoinix sshd[2652]: Accepted publickey for david from
66.76.46.195 port 59956 ssh2: ECDSA
SHA256:97TPKWvaGks+sjneobeoY9RpK1Hznnh8xJCjbcAWrkQ
Jul 17 09:20:24 phoinix sshd[2652]: pam_unix(sshd:session): session opened for
user david by (uid=0)
Jul 17 09:20:24 phoinix systemd-logind[408]: New session c18 of user david.
Jul 17 09:20:24 phoinix systemd[1]: Started Session c18 of user david.
Jul 17 09:20:28 phoinix sshd[2654]: Received disconnect from 66.76.46.195 port
59956:11: disconnected by user
Jul 17 09:20:28 phoinix sshd[2654]: Disconnected from user david 66.76.46.195
port 59956
Jul 17 09:20:28 phoinix sshd[2652]: pam_unix(sshd:session): session closed for
user david
Jul 17 09:20:28 phoinix systemd-logind[408]: Session c18 logged out. Waiting
for processes to exit.
Jul 17 09:20:28 phoinix systemd-logind[408]: Removed session c18.

  Did the last update add some type of timer to intentionally slow the
connection time to discourage or combat DOS type attacks? It's like there is
something between:

09:20:24 phoinix systemd[1]: Started Session c18 of user david.
  and
09:20:28 phoinix sshd[2654]: Received disconnect from 66.76.46.195 port
59956:11: disconnected by user

that isn't data transfer and isn't rsyc checking if files need updating.

  Also interestingly, the 5 boxes on my lan that are in the backup list do not
show this type of delay. For example same connection and same box, but on lang
and not internet:

Jul 17 09:18:50 valkyrie sshd[1324]: Accepted publickey for david from
192.168.6.104 port 52414 ssh2: ECDSA
SHA256:97TPKWvaGks+sjneobeoY9RpK1Hznnh8xJCjbcAWrkQ
Jul 17 09:18:50 valkyrie sshd[1324]: pam_unix(sshd:session): session opened
for user david by (uid=0)
Jul 17 09:18:50 valkyrie systemd-logind[585]: New session c18 of user david.
Jul 17 09:18:50 valkyrie systemd[1]: Started Session c18 of user david.
Jul 17 09:18:50 valkyrie sshd[1327]: Received disconnect from 192.168.6.104
port 52414:11: disconnected by user
Jul 17 09:18:50 valkyrie sshd[1327]: Disconnected from user david
192.168.6.104 port 52414
Jul 17 09:18:50 valkyrie sshd[1324]: pam_unix(sshd:session): session closed
for user david
Jul 17 09:18:50 valkyrie systemd-logind[585]: Session c18 logged out. Waiting
for processes to exit.
Jul 17 09:18:50 valkyrie systemd-logind[585]: Removed session c18.

it didn't even take 1-sec for the same transaction.

  So I'm stumped and wanting to know if anyone else has seen this type of
behavior where LAN connections via ssh connect normally, while WAN connection
seem to have additional delay built into the connection. (these boxes are all
Arch, and all current on packages)

-- 
David C. Rankin, J.D.,P.E.