I ssh into my server multiple times a day. Connecting is fine but the password prompt is horrendously slow. It takes up to fifteen seconds for it to appear sometimes. If I ssh in four times a day, that’s a minute wasted in just sitting around waiting. That sucks.
I know Ubuntu does some strange things to logical networking settings, but I didn’t think it would mess with ssh. I wondered if others had this trouble too. I found a thread on the Ubuntu Forums where the poster would have to wait 20-30 seconds. After asking for logs and configurations, a great suggestion was given.
Add the following to /etc/ssh/sshd_config on your SSH server
Then restart the ssh daemon and your pauses should be gone.
Well, that’s a start. So a quick
sudo vim /etc/ssh/sshd_config adding a comment for notes and the
UseDNS no line at the end. Finally, a restart
service ssh restart and it was done. I quickly tried to ssh back into my server and it went in fast. Very fast, the prompt was there within a second. I was impressed.
This beg’s the question, what is UseDNS? According to the man-page for sshd:
UseDNS Specifies whether sshd should look up the remote host name and
check that the resolved host name for the remote IP address maps
back to the very same IP address. The default is “yes.
It appears to prevent spoofing by looking up the host name and IP and checking if they match when doing a reverse lookup. This would work very well in theory if a real DNS server was being used. If a lame Qwest modem is being used, this doesn’t work as well because it’s not a real DNS server and it is as slow as molasses itself. Turning this check off means that it’s possible someone could spoof a host name or IP connecting to the server, but that’s pretty unlikely in my case.
Happy fast ssh-ing!