Thread: Slow SSH login
16th May 2013
J65nko

The delay of 2 minutes is caused because the OpenBSD SSH does a double reverse name lookup of the IP address that is connecting to it. See https://en.wikipedia.org/wiki/Double-reverse_DNS

There are several ways of fixing this:
  • The easy lazy insecure coward method:

    Disable this lookup by changing #UseDNS yes into UseDNS no in /etc/ssh/sshd_config
  • Make the double reverse DNS lookup work by:

    1. Configuring a local DNS server, which is not that trivial if you never have done it before
    2. Add an entry to the OpenBSD /etc/hosts like this:

      Code:
      192.168.222.20  hercules.utp.xnet hercules
      See hosts(5) for a description of that file.
__________________
You don't need to be a genius to debug a pf.conf firewall ruleset, you just need the guts to run tcpdump
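The double reverse lookup described in the post above, as an added example that is not part of the original post: it resolves a client address to a name, resolves that name back to addresses, and times the whole exchange so a slow or failing lookup is visible before touching sshd_config. The function names `double_reverse` and `table_resolvers` are hypothetical, the check is IPv4 only, and the offline sample reuses the address and host name from the post's /etc/hosts line.

```python
import socket
import sys
import time


def double_reverse(ip, reverse=socket.gethostbyaddr,
                   forward=socket.gethostbyname_ex):
    """Forward-confirmed reverse lookup of one IPv4 client address.

    Returns (status, hostname, seconds); status is "ok", "no-ptr",
    "no-forward" or "mismatch".
    """
    start = time.monotonic()
    try:
        name = reverse(ip)[0]        # step 1: address -> name
    except OSError:                  # herror/gaierror both derive from OSError
        return "no-ptr", None, time.monotonic() - start
    try:
        addrs = forward(name)[2]     # step 2: name -> addresses
    except OSError:
        return "no-forward", name, time.monotonic() - start
    status = "ok" if ip in addrs else "mismatch"
    return status, name, time.monotonic() - start


def table_resolvers(table):
    """Build offline stand-ins for the two resolver calls from an
    {ip: name} dict, mimicking what an /etc/hosts entry provides."""
    def reverse(ip):
        if ip not in table:
            raise OSError("no reverse entry")
        return table[ip], [], [ip]

    def forward(name):
        addrs = [ip for ip, n in table.items() if n == name]
        if not addrs:
            raise OSError("no forward entry")
        return name, [], addrs
    return reverse, forward


if __name__ == "__main__":
    if len(sys.argv) > 1:            # live check through the system resolver
        results = [(ip, double_reverse(ip)) for ip in sys.argv[1:]]
    else:                            # constructed sample, runs offline
        rev, fwd = table_resolvers({"192.168.222.20": "hercules.utp.xnet"})
        results = [(ip, double_reverse(ip, rev, fwd))
                   for ip in ("192.168.222.20", "192.168.222.99")]
    for ip, (status, name, secs) in results:
        print(f"{ip}: {status} name={name} lookup took {secs:.2f}s")
```

Run on the SSH server with the connecting client's address as the argument, it uses the system resolver; a status other than "ok" together with a long lookup time points at the name lookup as the source of the login delay.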