Problem:

When trying to connect to a server via SSH, the authentication is slow (takes a few seconds), but the server seems normally responsive after authentication.

Background & Analysis:

I’ve experienced this problem when trying to connect to Linux hosts using SSH. Som of my Linux hosts use OpenSSH and some use Reflection for Secure IT Server.

When authenticating via SSH, the SSH server will perform a reverse domain lookup of the client’s IP address and this delays the authentication process.

SSH servers have options in their configurations to disable the reverse domain lookup of clients’ IP addresses.

Solution:

Disable reverse domain lookup of the client’s IP address in the SSH Server Configuration. Given below are examples of how this is done in two SSH servers:

OpenSSH: Edit /etc/ssh/sshd_config (or wherever your config file is) and set

UseDNS=no

RSIT: Edit /etc/ssh2/sshd2_config and set

ResolveClientHostname=no

Root Cause:

Slow Reverse Domain Lookup of clients’ IP addresses.

 

(1) The solution above describes a successful problem-solving experience and may not be applicable to other problems with similar symptoms.

(2) Your rating of this post will be much appreciated as it gives me and others who read this article, an indication of whether this solution has worked for people other than me. Also, feel free to leave comments.

 

VN:F [1.9.22_1171]
Rating: +5 (from 5 votes)