Re: ssh initial connects SLOW

Randy Yates wrote:
I have a strange thing going on with ssh. I have two systems on my
local LAN, one a Fedora Core 6 system and one a Fedora (Core) 8.

Until about a week ago, I was able to ssh between these two systems
without any problem whatsoever. However, for the last few days, when
I ssh in from one to the other (in either direction), it takes an
inordinate amount of time (> 1 minute) for the ssh command to complete
and yield control back to the terminal.

Any ideas why this is happening? The network between the two computers
seems to be just fine. One is connected via 802.11g with WEP security
enabled, and always has been, i.e., nothing changed here between the
time it was working and the time it stopped working.

[yates@localhost ~]$ uname -a
Linux localhost.localdomain 2.6.23.9-85.fc8 #1 SMP Fri Dec 7 15:49:36 EST 2007 x86_64 x86_64 x86_64 GNU/Linux


[yates@localhost client]$ uname -a
Linux localhost.localdomain 2.6.22.14-72.fc6 #1 SMP Wed Nov 21 14:10:25 EST 2007 x86_64 x86_64 x86_64 GNU/Linux

Ahh. I think we need to say "welcome to reverse DNS". "localhost.localdomain" resolves to 127.0.0.1, which is *not* the IP address the connection is coming from. And when your SSH server looks up 192.168.1.3 or whatever your first localhost's IP address is, it gets a name that does not match. I suspect you've recently changed your DNS or /etc/hosts setups, or something else was poking your DNS so you had a cached "I don't know what that is!" result.

This reverse DNS can be turned off by setting the sshd initscript to start sshd with "sshd -u0", a bit of old obscurity that says "don't record any more than 0 characters for the client hostname", and as it's programmed, prevents the reverse DNS lookup at all. There are security reasons and logging reasons that this is useful information, but if you don't have good DNS setups, you may want to disable it.

There is no other graceful way to to turn this off: sshd_config does not support any options to disable it, and never has.
.

Relevant Pages