Ssh login fails for user@mydc.domain but works with just the user name

Hey,

That’s good. A longer delay on ssh logins usually indicates DNS timeouts: by default the SSH server tries to resolve the IP address the connection is coming from into a host name. That can stall for a lot of reasons, and until the DNS lookup times out, the ssh server won’t finish. But let’s not concentrate on this particular issue for the moment.

What I find much more interesting is the dichotomy between this…

…and the following log message:

“Invalid credentials” means that the provided password doesn’t match the one stored for the LDAP object (LDAP user) uid=Administrator,cn=users,dc=doamin. However, the same user name administrator and the same password are used for a successful ssh login, and on standard UCS systems, the administrator user used for ssh is actually the one in the LDAP directory.

This doesn’t really compute — unless there is actually more than one user with the name administrator, one in the LDAP directory (that’s the uid=Administrator,cn=users,dc=doamin one) and one in /etc/passwd. Is it possible that you created such a second user?

Please post the output of the following commands:

grep -Ei '^administrator' /etc/passwd
getent passwd administrator
univention-ldapsearch -LLLo ldif-wrap=no uid=administrator uidnumber gidnumber

m.
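
The comparison those three commands set up, as an added example that is not part of the original post: it reports local passwd accounts whose name collides, ignoring case, with an LDAP account and shows whether the uidNumbers differ. The function names `find_shadowed_users` and `demo` and all sample data are constructed for illustration.

```shell
#!/bin/sh
# Added example: list local passwd accounts whose name collides,
# ignoring case, with an LDAP account, and compare their uidNumbers.
# usage: find_shadowed_users PASSWD_FILE LDIF_FILE
find_shadowed_users() {
    awk '
    FILENAME == ARGV[1] {                 # first file: LDIF from the directory
        if ($0 == "") { name = "" }       # blank line ends an LDIF entry
        else if ($0 ~ /^dn: uid=/) {      # account name = first RDN of the DN
            name = $0
            sub(/^dn: uid=/, "", name)
            sub(/,.*$/, "", name)
            name = tolower(name)
        } else if (tolower($1) == "uidnumber:" && name != "") {
            ldap_uid[name] = $2
        }
        next
    }
    /^#/ || /^$/ { next }                 # second file: passwd format
    {
        split($0, f, ":")
        key = tolower(f[1])
        if (key in ldap_uid) {
            verdict = (f[3] == ldap_uid[key]) ? "same-uid" : "uid-mismatch"
            print f[1], f[3], ldap_uid[key], verdict
        }
    }' "$2" "$1"
}

# Constructed sample data (not output from the poster's system).
demo() {
    tmp=$(mktemp -d) || return 1
    cat > "$tmp/passwd" <<'EOF'
root:x:0:0:root:/root:/bin/bash
administrator:x:1001:1001:Local admin:/home/administrator:/bin/bash
backup:x:34:34:backup:/var/backups:/usr/sbin/nologin
EOF
    cat > "$tmp/ldap.ldif" <<'EOF'
dn: uid=Administrator,cn=users,dc=example,dc=test
uidNumber: 2002
gidNumber: 5000

dn: uid=join-backup,cn=users,dc=example,dc=test
uidNumber: 2003
gidNumber: 5000
EOF
    find_shadowed_users "$tmp/passwd" "$tmp/ldap.ldif"
    rm -rf "$tmp"
}

demo
```

On a real system, redirect the output of the `univention-ldapsearch` command above into a file and pass it together with `/etc/passwd`. A `uid-mismatch` line means the local and the LDAP account are two different users sharing one name.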