TurnKey Linux Virtual Appliance Library

SSH session slow to start? It's the DNS stupid!

Ever tried logging into a machine with ssh and found you have to wait much longer than reasonable for the session to start? This happened to me a few times and was especially annoying with machines on my local network (or a VM attached to a virtual network) that should be letting me in immediately.

I eventually got mad enough to strace the SSH daemon and debug what was going on and it turns out it's a DNS thing. Basically the session is slow to start because the SSH server is trying to lookup the hostname of the SSH client and for whatever reason it's timing out (e.g., it can't reach a nameserver, because you happen to be offline)

There are a couple of very simple ways to fix that:

  • add "UseDNS no" to /etc/ssh/sshd_config
  • add the client's net address to the server's /etc/hosts

Was that helpful? Has this ever happened to you? Post a comment!

You can get future posts delivered by email or good old-fashioned RSS.
TurnKey also has a presence on Google+, Twitter and Facebook.

Comments

This worked for me!

Hi Liraz, thank you. I was having troubles to access through SFTP to my LAMP appliance installed on Virtualbox on my PC, and the problem was solved when I added "UseDNS no" to /etc/ssh/sshd_config.

(we recently configure a domain on our LAN with a Windows 2003 server)

Great! best regards,

Liraz Siri's picture

Glad I could help!

Occasionally I wonder whether anyone is finding these blog posts useful. Getting positive feedback is a big encouragement. Oh and sorry for the late reply, I've been monking out offline working on some new stuff!

Thanks

I haven't had that problem, but i think it's really useful to know that, thanks for that post!

Thanks

Had this problem myself and could never be bothered trying to resolve it.

Thank you,

Kev

THANK YOU

Liraz,

I have been having the exact same issue and was pulling my hair out trying to figure it out!  Thanks for clearing this up for me; both my brain and hair thank you!

thanks

*bliss*

added at least 30mins to my working day...

Thanks dude

I had this same issue and it was really annoying.  I would just walk away after logging in and go mow the lawn.  When I came back, it would almost be done logging in :)

 

UseDNS no definitely did the trick, now I'm a happy camper!  (but my lawn is growing out of hand)

Thanks!

I forgot all about this!

Thanks !

Sweet !

Thank you ! Just solved this issue on many of the servers.

Cheers !

Amardeep

Thanks!

Thanks for this info, worked like a charm.

 

Any idea why the SSH daemon would want to do a DNS lookup? Some form of security?

A tip

Another solution is to verify that the IP assigned to the hostname in your server's /etc/hosts file is right. If it isn't, that's what's causing your problem. Thank you for this post!

bit for any high-quality articles

I've been exploring for a bit for any high-quality articles or blog posts in this sort of house .

Exploring in Yahoo I finally stumbled upon this website. Studying this information So i'm satisfied to

show that I've a very good uncanny feeling I found out just what I needed. I most unquestionably

will make sure to do not overlook this website and give it a look on a constant basis.

Phoenix termite

Thanks Dude...

This took care of my client's ssh issue on multiple servers.

Thanks!

This has been bugging me for a while, I'd say at least a year :) Thanks for the info dude.