Home » Questions » Computers [ Ask a new question ]

Why does the "password" prompt take forever when I SSH into my Ubuntu 9.05 server?

Why does the "password" prompt take forever when I SSH into my Ubuntu 9.05 server?

Answer: It was, in fact, performing reverse DNS resolution. Based on the suggestions below and this article, I added "UseDNS no" to my sshd_config, rebooted ssh, and now the password prompt displays immediately.

Asked by: Guest | Views: 128
Total answers/comments: 5
Guest [Entry]

"Is it possible it's doing a reverse DNS lookup on your IP? You can check the results online if the client is using a public IP address, or use something like the following from your server:

dig -x CLIENT_IP_ADDRESS

Is there anything in /var/log/messages?"
Guest [Entry]

"In your sshd_config file set GSSAPIAuthentication=no

bugs.launchpad.net/ubuntu/+source/openssh/+bug/84899"
Guest [Entry]

"Remember that the client will also do reverse-DNS checking checking, which can take 30 seconds or more to timeout if the reverse-DNS mapping doesn't exist with certain resolution configurations.

In either /etc/ssh/ssh_config or in ~/.ssh/config set CheckHostIP no to disable this client-side lookup.

See man 5 ssh_config for further details."
Guest [Entry]

"I've found an alternative solution to this problem :-
http://www.patrickmin.com/linux/tip.php?name=ssh_pause

I was having this same problem logging into a linux build machine using Putty under windows. Adding the IP address of my windows box to /etc/hosts on the linux machine solved the problem."
Guest [Entry]

"Just for the record, I experienced the same problem where ssh would be fast from home to my home-server (mainly using it for git), but it would take some 10-20 seconds at work to get a prompt for the password.

I had to turn off UseDNS no and restart sshd sudo systemctl restart sshd.service. Then it work from all locations.

I know the question is answered and accepted, but I wanted to add the information since I had to ""actively"" set it to no in order to get it to stop using dns."