Strange 120 second wait with sshd on domain controller

Pasi Oja-Nisula pon@iki.fi
Wed May 27 12:52:08 GMT 2020


I'm experincing a strange issue on domain controller where I have cygwin
and sshd service installed. This is a Windows 2019 server. There is older
domain controller on the same domain that handles all FSMO roles and it
does not have this issue (different Windows and cygwin versions though).
Replication between servers seems to work fine. Rdp connectivity to servers
is stable and shows no network issues. Cygwin sshd installation is very
basic, only thing changed is the sshd port number. I'm using the exact same
installation packages and configuration on other non-dc servers and they do
not have this issue.

When I try to login via ssh locally, everything works almost fine. I type
in the command and get password prompt immediately, enter password. Then I
get the "Last login:" row, but prompt appears only 120+ seconds later.
Usually around 124 seconds.

When I try to ssh in remotely, I get this. No password prompt, but
strangely 120+ seconds wait before it tells me that authentication failed.

2020-05-27 15:15:02 debug1: SSH2_MSG_SERVICE_ACCEPT received
2020-05-27 15:15:02 debug1: Authentications that can continue:
publickey,password,keyboard-interactive
2020-05-27 15:15:02 debug1: Next authentication method: publickey
2020-05-27 15:15:02 debug1: Offering RSA public key:
/home/pojanisu/.ssh/id_rsa
2020-05-27 15:17:08 Authentication failed.

Windows event log does not seem to help much. I have this in application
log while sshd set to debug logging level. After that nothing and no
relevant failures in security log either.
2020-05-27 15:15:02 sshd: PID 5559: debug1: temporarily_use_uid:
1049076/1049089 (e=18/18)

And now the really strange part. Sometimes this works just fine without any
waits. I have not been able to figure out whether it's after reboot or some
other mysterious events. But then hour later I'm back to this no remote
login at all and 120 seconds wait before prompt locally.

Since this is a new server, I went and undid the DC part, removed the whole
virtual server and redid everything from scratch. The second installation
has exactly the same issue.

Any ideas would be very welcome.

Pasi


More information about the Cygwin mailing list