 
Subject
If your login times are really high, it may be that reverse DNS is not working correctly. We have an ISP whose DNS servers sometimes don't respond to reverse DNS queries. It was a bit of a puzzle because it has worked for a long time. Our hunch is that the recent DOS attacks have made name resolution a little fragile lately. The symptom shows up in the logs:
We have keys set up, but notice that there is a fifteen second delay from accepting the key to opening a session:
Feb 3 09:48:45 main sshd[9692]: Accepted publickey for root from 1.6.4.2 port 57559 ssh2
Feb 3 09:49:00 main sshd[9692]: pam_unix(sshd:session): session opened for user u1 by (uid=0)
|
The fix is to either add the IP address to /etc/hosts, or modify your sshd_config file (for us the path is /etc/ssh/sshd_config) and set UseDNS to no:
#ShowPatchLevel no
UseDNS no
#PidFile /var/run/sshd.pid
#MaxStartups 10
|
Restart sshd for the change to take effect:
# /etc/init.d/sshd restart
Stopping sshd: [ OK ]
Starting sshd: [ OK ]
#
|
Now we get a quick login:
Feb 3 10:06:49 main sshd[12160]: Accepted publickey for root from 1.6.4.2 port 57528 ssh2
Feb 3 10:06:49 main sshd[12160]: pam_unix(sshd:session): session opened for user u1 by (uid=0)
|
| People: | |
| Places: | |
| Things: | |
| Times: | |
|
|
