hello mike, Well normally DNS resolution slows any network activity down. Even in port scanning for example using nmap its prefered to use the -n switch to disable DNS resolution because it slows the scan down. Hope this helped to clarify things a bit. Regards, Saif OSCP Sent from my iPhone. On Apr 13, 2011, at 5:14 AM, "Michael Sioutis" <papito.dit@xxxxxxxxx> wrote: > Actually the problem seems to have been sorted out. Right after > placing in the sshd_config file "UseDNS no" and reloading/restarting > the OpenSSH server, no effect took place, but a few hours later my ssh > response became instant (<1 sec) :) > Strange.. > > Mike > > On Tue, Apr 12, 2011 at 7:15 PM, Michael Sioutis <papito.dit@xxxxxxxxx> wrote: >> Hello!! >> >> I have a slow ssh response time and I don't know what is causing it. >> I'm providing you with some information and kindly requesting >> your help. >> >> ***System*** >> Linux Ubuntu 10.04.2 LTS 2.6.32-30-generic #59-Ubuntu SMP Tue Mar 1 >> 21:30:46 UTC 2011 x86_64 GNU/Linux >> >> ***OpenSSH version*** >> OpenSSH_5.3p1 Debian-3ubuntu6, OpenSSL 0.9.8k 25 Mar 2009 >> >> ***Problem*** >> ssh -v user@host >> OpenSSH_5.5p1 Debian-4ubuntu5, OpenSSL 0.9.8o 01 Jun 2010 >> debug1: Reading configuration data /etc/ssh/ssh_config >> debug1: Applying options for * >> debug1: Connecting to host [XX.XXX.XX.XXX] port 22. >> debug1: Connection established. >> debug1: identity file /home/user/.ssh/id_rsa type 1 >> debug1: Checking blacklist file /usr/share/ssh/blacklist.RSA-2048 >> debug1: Checking blacklist file /etc/ssh/blacklist.RSA-2048 >> debug1: identity file /home/user/.ssh/id_rsa-cert type -1 >> debug1: identity file /home/user/.ssh/id_dsa type -1 >> debug1: identity file /home/user/.ssh/id_dsa-cert type -1 >> >> --------------->Delay (4-5 secs)<--------------- >> >> debug1: Remote protocol version 2.0, remote software version >> OpenSSH_5.3p1 Debian-3ubuntu6 >> debug1: match: OpenSSH_5.3p1 Debian-3ubuntu6 pat OpenSSH* >> debug1: Enabling compatibility mode for protocol 2.0 >> debug1: Local version string SSH-2.0-OpenSSH_5.5p1 Debian-4ubuntu5 >> debug1: SSH2_MSG_KEXINIT sent >> debug1: SSH2_MSG_KEXINIT received >> debug1: kex: server->client aes128-ctr hmac-md5 none >> debug1: kex: client->server aes128-ctr hmac-md5 none >> debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<1024<8192) sent >> debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP >> debug1: SSH2_MSG_KEX_DH_GEX_INIT sent >> debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY >> debug1: Host 'host' is known and matches the RSA host key. >> debug1: Found key in /home/user/.ssh/known_hosts:9 >> debug1: ssh_rsa_verify: signature correct >> debug1: SSH2_MSG_NEWKEYS sent >> debug1: expecting SSH2_MSG_NEWKEYS >> debug1: SSH2_MSG_NEWKEYS received >> debug1: Roaming not allowed by server >> debug1: SSH2_MSG_SERVICE_REQUEST sent >> debug1: SSH2_MSG_SERVICE_ACCEPT received >> debug1: Authentications that can continue: publickey,password >> debug1: Next authentication method: publickey >> debug1: Offering public key: /home/user/.ssh/id_rsa >> debug1: Authentications that can continue: publickey,password >> debug1: Trying private key: /home/user/.ssh/id_dsa >> debug1: Next authentication method: password >> user@host's password: >> >> ***sshd_config file*** >> Port 22 >> Protocol 2 >> HostKey /etc/ssh/ssh_host_rsa_key >> HostKey /etc/ssh/ssh_host_dsa_key >> UsePrivilegeSeparation yes >> >> KeyRegenerationInterval 3600 >> ServerKeyBits 768 >> >> SyslogFacility AUTH >> LogLevel INFO >> >> LoginGraceTime 120 >> PermitRootLogin no >> StrictModes yes >> >> RSAAuthentication yes >> PubkeyAuthentication yes >> >> IgnoreRhosts yes >> RhostsRSAAuthentication no >> HostbasedAuthentication no >> >> PermitEmptyPasswords no >> >> ChallengeResponseAuthentication no >> >> X11Forwarding yes >> X11DisplayOffset 10 >> PrintMotd no >> PrintLastLog yes >> TCPKeepAlive yes >> >> AcceptEnv LANG LC_* >> >> Subsystem sftp /usr/lib/openssh/sftp-server >> >> UsePAM yes >> UseDNS no >> AllowUsers user >> >> Thank you for any information about this! >> Mike >> >