On a new CentOS 5.1 install there was a dleay while logging in via SSH. Using the -v option i.e.
# ssh -v jonny@servername
gave more verbose output with the following messages:
debug1: Authentications that can continue: publickey,gssapi-with-mic,passworddebug1: Next authentication method: gssapi-with-micdebug1: Unspecified GSS failure. Minor code may provide more informationNo credentials cache founddebug1: Unspecified GSS failure. Minor code may provide more informationNo credentials cache founddebug1: Unspecified GSS failure. Minor code may provide more informationdebug1: Next authentication method: publickeydebug1: Trying private key: /home/jonny/.ssh/identitydebug1: Offering public key: /home/jonny/.ssh/id_rsadebug1: Authentications that can continue: publickey,gssapi-with-mic,passworddebug1: Trying private key: /home/jonny/.ssh/id_dsadebug1: Next authentication method: password
jonny@1.2.3.4's password:
The GSS failure was slowing down logins by 10-20 seconds. To speed things up I switched off GSSAPI authentication in /etc/ssh/sshd_config:
vi /etc/ssh/sshd_config
# GSSAPI options
GSSAPIAuthentication no
#GSSAPIAuthentication yes
#GSSAPICleanupCredentials yes
GSSAPICleanupCredentials no
This is unlikely to have any future implications for this server as far as I am aware as we do not use GSSAPI. GSSAPI is an acronym; it stands for Generic Security Services Application Programming Interface. The GSSAPI is a generic API for doing client-server authentication.
