Page 1 of 2 12 LastLast
Results 1 to 10 of 11

Thread: slow ssh authentication

  1. #1
    Join Date
    Dec 2007
    Beans
    217

    slow ssh authentication

    I ssh into my home server a lot. My home server is on a gig lan, but it's slow for some reason i have yet to figure out. When i ssh into my server, it takes about 10-18 seconds until it asks me for my password, and after that it's at a good speed. Is there a way to speed up the time it takes to connect to it? It takes the same amount of time to connect if i'm outside the network (ssh www.xxxxxxx.net) vs being in my house on the network. If this is normal, please let me know.
    Thanks

  2. #2
    Join Date
    May 2008
    Beans
    7

    Re: slow ssh authentication

    Most likely it is doing a reverse DNS lookup, and either you have a slow connection with lots of lag (eg satellite internet), or your DNS is configured incorrectly.

    Unless you need it to do reverse DNS lookups, the easiest solution is just to disable it. Add "UseDNS no" to the /etc/sshd_config file, reload your SSH server and the delay should be gone.

    Note: it still does DNS lookups, but doesn't require it to be valid to let you log in, so it should prompt for your password right away.

  3. #3
    Join Date
    Dec 2007
    Beans
    217

    Re: slow ssh authentication

    Well, i don't think it's a DNS problem. If i use a program like putty, it asks for my login after about 2 seconds. It's the time between me using a user name and it asking for the password that takes forever. I'm pretty sure that i've got the connection after it asks for my login name, and since i have the same problem when i'm on the same network as the machine, i'm led to believe that it's not a DNS problem. Any thoughts on this?
    Last edited by shortridge11; November 2nd, 2008 at 10:40 PM. Reason: typo

  4. #4
    Join Date
    Oct 2008
    Location
    Savannah, GA
    Beans
    8
    Distro
    Ubuntu 8.04 Hardy Heron

    Re: slow ssh authentication

    Did you try and edit /etc/ssh/sshd_config? I've seen this too. I always add an entry that says UseDNS no and reload ssh.

    sudo /etc/init.d/ssh restart
    Even from the inside it's going to do a reverse lookup to log your FQDN. It populates this information in your $PS1 if it's set to pick it up and stores all this in /var/log/wtmp.

    You don't have anything odd in PuTTy like X11 forwarding?

  5. #5
    Join Date
    Dec 2007
    Beans
    217

    Re: slow ssh authentication

    thanks both of you. That fixed it. I had no idea it did a reverse lookup

  6. #6
    Join Date
    Dec 2007
    Beans
    217

    Re: slow ssh authentication

    can you explain in higher detail why it does the reverse DNS lookup? and what a FQDN is and why it's logged?

  7. #7
    Join Date
    Oct 2008
    Location
    Savannah, GA
    Beans
    8
    Distro
    Ubuntu 8.04 Hardy Heron

    Re: slow ssh authentication

    Probably so you don't have to use DNS to resolve IPs when searching through logs...that's a guess, but might make sense in certain cases. FQDN is a Fully Qualified Domain Name. aka www.google.com. Bascially it's the full name that equals the machine, because aside from enterprise scale issues domain names point to individual hosts. But like I said, the ballgame changes when you want it to scale.

    -maxhax-

  8. #8
    Join Date
    Nov 2008
    Beans
    1

    Re: slow ssh authentication

    Actually UseDNS didn't work for me. Adding the -u0 option to sshd worked though.

    For people behind broadband routers that function as DNS servers to internal machines, they would not respond to unknown queries, thereby causing the resolver to 'hang'. Another way is to manually configure a host in /etc/hosts if you are only going to be logging in from one machine.

  9. #9
    Join Date
    May 2009
    Beans
    8
    Distro
    Ubuntu 9.04 Jaunty Jackalope

    Re: slow ssh authentication

    Sorry for cutting into the topic.

    Is there a way we can do the same for the telnet?

  10. #10
    Join Date
    Aug 2010
    Beans
    7

    Re: slow ssh authentication

    I have been looking for a solution for this for ages as my host won't change the sshd_config files (shared host)
    So UseDNS no isn't an option for me

    anyway:

    if you add
    hosts_ip_address your_domain
    to your /etc/hosts file the password prompt will display almost straight away

    eg
    123.123.123.123 example.com

Page 1 of 2 12 LastLast

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •