OpenSSH with slow login
Thomas Binder
binder at arago.de
Wed Jun 12 01:12:00 EST 2002
Hi!
On Tue, Jun 11, 2002 at 11:14:18AM -0300, Jorge Cleber Teixeira de Almeida Junior wrote:
> I gueess it is not a DNS problem, because either using name or
> IP, I have always the problem.
The problem is not on the client side, but on the server side. The
server tries to reverse lookup the hostname for the IP that
connects after a successful login, to write an utmp entry.
Thus, it doesn't make a difference whether you use the server's IP
address or hostname on the commandline. Instead, make sure that
the server's got a correct resolv.conf (i.e. one that lists
nameservers which are actually reachable) or disable DNS based
host lookups completely by altering nsswitch.conf (if supported by
your system) accordingly.
As others have already pointed out, another method to just prevent
sshd from using reverse DNS lookups is by passing
-u0
on startup (see man sshd for details and restrictions). Maybe this
should become an option for sshd_config?
But nevertheless, you should check your server's resolv.conf for
unreachable nameserver entries. Nameserver timeouts take forever
...
Ciao
Thomas
More information about the openssh-unix-dev
mailing list