SUSE Linux Enterprise Server 11 Service Pack 2
When root user is connected to a SLES 11 SP2 system via ssh, then logs out (exits), a delay (usually 30 seconds) occurs before the session fully closes.
The delay is due to a DNS query that is not being answered, and it takes 30 seconds for ssh to decide a time-out has occurred, and give up waiting. The DNS query in question is being generated by the audit package, which sshd is compiled to use.
A change has been made to the audit package to correct this situation. Therefore, the recommended solution is to update the "audit" package (and audit-libs) to v 1.8 or higher.
If that update cannot be made right away, there 2 two optional workarounds:
a. DNS configuration: The SLES 11 SP2 sshd server can be configured to more successfully talk with DNS. Check to make sure that the /etc/resolv.conf points to valid DNS servers. Even then, however, the problem can still occur. If the DNS server in question is configured to forward queries on to other DNS servers, but doesn't not have the ability to talk to root DNS servers on the internet, the delay will still occur. DNS servers could be configured to *not* forward queries (thereby answering negatively right away, rather than wait), or any firewalls or other problems blocking the DNS from talking to the internet can be tracked down and resolved.
b. SSH software update and configuration: Make sure that your openssh package version is at least 5.1p1-41.55.1. This is available in the SLES 11 SP2 update channel. Then set "UseDNS no" in /etc/ssh/sshd_config in order to prevent the query from happening. The openssh update by itself or the setting by itself will not be enough to avoid the problem.
This Support Knowledgebase provides a valuable tool for SUSE customers and parties interested in our products and solutions to acquire information, ideas and learn from one another. Materials are provided for informational, personal or non-commercial use within your organization and are presented "AS IS" WITHOUT WARRANTY OF ANY KIND.