Package: ssh Version: 1:3.8.1p1-8.sarge.4 Severity: important SSH can take a very long time to connect to addresses on the internet due to bogus ipv6 name resolution requests when connecting using ipv4.
ssh [EMAIL PROTECTED] The default resolution behavior is: AAAA host.domain.com. AAAA host.domain.com. AAAA host.domain.com.searchdomain.com. AAAA host.domain.com.searchdomain.com. A host.domain.com. Removing the ipv6 module from the kernel and aliasing it in modprobe.conf to "none" does not prevent ssh from attempting ipv6 name resolution, even though those resolutions would be pointless on a system with no ipv6 support enabled. On some DNS servers, the above requests can take a very long time to fail, a connection with the default setup was taking me 30 seconds to establish. A workaround is alasing ssh to "ssh -4", to prevent any use of ipv6. -- System Information: Debian Release: 3.1 APT prefers unstable APT policy: (600, 'unstable') Architecture: i386 (i686) Kernel: Linux 2.6.12-1-k7 Locale: LANG=en_US, LC_CTYPE=en_US (charmap=ISO-8859-1) Versions of packages ssh depends on: ii adduser 3.63 Add and remove users and groups ii debconf 1.4.30.13 Debian configuration management sy ii dpkg 1.10.28 Package maintenance system for Deb ii libc6 2.3.5-7 GNU C Library: Shared libraries an ii libpam-modules 0.76-22 Pluggable Authentication Modules f ii libpam-runtime 0.76-22 Runtime support for the PAM librar ii libpam0g 0.76-22 Pluggable Authentication Modules l ii libssl0.9.7 0.9.7e-3 SSL shared libraries ii libwrap0 7.6.dbs-8 Wietse Venema's TCP wrappers libra ii zlib1g 1:1.2.3-6 compression library - runtime -- debconf information: ssh/insecure_rshd: ssh/ssh2_keys_merged: ssh/user_environment_tell: * ssh/forward_warning: ssh/insecure_telnetd: ssh/new_config: true * ssh/use_old_init_script: true * ssh/protocol2_only: true ssh/encrypted_host_key_but_no_keygen: * ssh/run_sshd: true * ssh/SUID_client: true ssh/disable_cr_auth: false -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]