SSH loves rDNS

For the past few weeks, every time I ran SSH to sign in to my server, I had to wait about a minute before I even got a key/password prompt. The problem never really went away, so I contacted my ISP.

After a few email exchanges with some SSH debug logs and traceroutes, they added a reverse DNS record to see if it helped. Strangely enough, it did. I’ve never had a reverse DNS entry associated with my IP, and I’ve never had any trouble with it in the past. Only recently did connections start to halt because of it.

So, if you don’t have a reverse DNS entry on your IP and have been noticing slow SSH connections, call up or email your ISP to get one added. You will love your connection that much more.
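Before asking for a PTR record or changing sshd settings, it helps to confirm that the reverse lookup is what stalls the login. The following is an added example, not code from this post or its commenters: it times the reverse and forward-confirming lookups that sshd makes when `UseDNS` is on and reads the global `UseDNS` value from an sshd_config text. The function names, the 2-second threshold, the sample config, the stub resolver and the documentation address 192.0.2.10 are all assumptions made for illustration.

```python
import socket
import time

def check_rdns(ip, reverse=socket.gethostbyaddr, forward=socket.gethostbyname_ex,
               clock=time.monotonic, slow_after=2.0):
    """Time the lookups sshd makes for a client address when UseDNS is on:
    PTR lookup, then a forward lookup confirming the name maps back to the IP."""
    start = clock()
    name, confirmed = None, False
    try:
        name = reverse(ip)[0]                 # stalls here when no PTR record answers
        confirmed = ip in forward(name)[2]    # gethostbyname_ex covers IPv4 only
    except OSError:                           # socket.herror and gaierror subclass OSError
        pass
    elapsed = clock() - start
    return {"name": name, "forward_confirmed": confirmed,
            "seconds": round(elapsed, 3), "slow": elapsed >= slow_after}

def sshd_option(config_text, keyword, default):
    """Global value of a keyword: the first occurrence before any Match block wins."""
    for raw in config_text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        parts = line.replace("=", " ", 1).split()
        if parts[0].lower() == "match":
            break                             # later lines apply only conditionally
        if parts[0].lower() == keyword.lower() and len(parts) > 1:
            return parts[1].lower()
    return default

def diagnose(ip, config_text, usedns_default="yes", **lookup_args):
    """usedns_default: 'yes' up to OpenSSH 6.7, 'no' from 6.8 onwards."""
    result = check_rdns(ip, **lookup_args)
    result["usedns"] = sshd_option(config_text, "UseDNS", usedns_default)
    result["rdns_delays_login"] = result["usedns"] == "yes" and result["slow"]
    return result

# Constructed sample: a config fragment and a stub resolver that fails like a missing PTR.
SAMPLE_CONFIG = "# constructed example\nPort 22\n#UseDNS no\nPasswordAuthentication no\n"

def no_ptr(ip):
    raise socket.herror(1, "Unknown host")

if __name__ == "__main__":
    ticks = iter([0.0, 61.0])                 # simulated clock: the lookup took 61 s
    print(diagnose("192.0.2.10", SAMPLE_CONFIG, reverse=no_ptr, clock=lambda: next(ticks)))
```

Run on the server with the real resolvers (omit the `reverse` and `clock` arguments) and pass the client's address to see how long the lookup takes there.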

6 Responses

  1. bob said on 4 Mar 2008 at 10:34 pm

    or: ssh -oHostName= login@ip

  2. Jeff Schroeder said on 5 Mar 2008 at 10:03 am

    And even better, edit /etc/ssh/ssh_config… find the lines regarding GSSAPI (Kerberos authentication) and comment them out.

    Then you will notice your ssh connections go much faster. It is easier to comment out 2 lines in your ssh_config than to call your ISP, but whatever works for you :)

  3. Adrian Fita said on 5 Mar 2008 at 7:08 pm

    Or you can edit /etc/ssh/sshd_config and add “UseDNS no” to disable reverse DNS lookups ;).

  4. Jacob said on 5 Mar 2008 at 7:42 pm

    Adrian:

    Yes, but if you don’t have access to the sshd_config file, it doesn’t work too well.

  5. Jonathan said on 8 Mar 2008 at 4:11 pm

    You could put the config file in ~/.ssh/

  6. greendood said on 13 May 2008 at 3:06 pm

    Hi there.

    I am having a similar problem, but I cannot authenticate at all. What catches my attention is the fact that I actually can establish a connection. Here is the output of ssh:

    user@user-laptop:~$ ssh user@myserver.org -p 80 -vvv
    OpenSSH_4.7p1 Debian-8ubuntu1, OpenSSL 0.9.8g 19 Oct 2007
    debug1: Reading configuration data /etc/ssh/ssh_config
    debug1: Applying options for *
    debug2: ssh_connect: needpriv 0
    debug1: Connecting to greendood.homelinux.org [X.Y.Z.56] port 80.
    debug1: Connection established.
    debug1: identity file /home/user/.ssh/identity type -1
    debug3: Not a RSA1 key file /home/user/.ssh/id_rsa.
    debug2: key_type_from_name: unknown key type '-----BEGIN'
    debug3: key_read: missing keytype
    debug3: key_read: missing whitespace
    debug3: key_read: missing whitespace
    debug3: key_read: missing whitespace
    debug3: key_read: missing whitespace
    debug3: key_read: missing whitespace
    debug3: key_read: missing whitespace
    debug3: key_read: missing whitespace
    debug3: key_read: missing whitespace
    debug3: key_read: missing whitespace
    debug3: key_read: missing whitespace
    debug3: key_read: missing whitespace
    debug3: key_read: missing whitespace
    debug3: key_read: missing whitespace
    debug3: key_read: missing whitespace
    debug3: key_read: missing whitespace
    debug3: key_read: missing whitespace
    debug3: key_read: missing whitespace
    debug3: key_read: missing whitespace
    debug3: key_read: missing whitespace
    debug3: key_read: missing whitespace
    debug3: key_read: missing whitespace
    debug3: key_read: missing whitespace
    debug3: key_read: missing whitespace
    debug3: key_read: missing whitespace
    debug3: key_read: missing whitespace
    debug2: key_type_from_name: unknown key type '-----END'
    debug3: key_read: missing keytype
    debug1: identity file /home/user/.ssh/id_rsa type 1
    debug1: identity file /home/user/.ssh/id_dsa type -1
    ssh_exchange_identification: Connection closed by remote host

    If you have paid enough attention, you can come to the conclusion that I am trying to pierce some firewall (I am using port 80).
    This command works in another network, with a public IP, but not here, inside the firewall.
    My question is: could it be the reverse DNS issue? If this is the case, what is the correct option in sshd_config: “ReverseMappingCheck no” or “UseDNS no”? Could it be another thing I’m missing about the firewall? (which I think is not the problem, ’cos it actually can make the connection)

    I have disabled password login, due to some attacks :p.

    Any ideas?
