http://blog.csdn.net/doiido/article/details/43793391 centos/linux fix ssh connection slow tag: linuxssh remote connection ssh slow 2015-02-13 13:24 1230 people read reviews (0) Collection Report Category: Linux applications (16) Copyright notice: This article is the original article for Bo Master, not allowed to reprint without the Bo master. Connecting to a Linux server is now generally a way to connect remotely using SSH. Recently installed a server, found that Telnet is very fast, ping everything is normal, but SSH connection is very slow. After online data query, there are basically the following reasons: 1, the server sshd will go to DNS to find the hostname of the client IP access, if the DNS is not available or no related records, it will consume a period of time. 2, in authentication gssapi-with-mic sometimes also consumes a period of time one, test find specific reason: 1, use ssh-v host debug# ssh-v 192.168.100.10 then will output a lot of debug, With the debug information you can see where the connection is being delayed, such as the following message: [HTML] View plain Copydebug1:next authentication method:gssapi-with-mic DEBUG1: Unspecified GSS failure. Minor code may provide more information No credentials cache found 2, detect connection time # SSH [email protected] Exit two, workaround (recommended Each set, because each person's connection slow reason is different): note: After the modification remember to restart the SSHD Service # service sshd restart1, turn off DNS reverse resolution in Linux, the default is to turn on SSH Reverse DNS resolution, this will consume a lot of time, So it needs to be closed. # Vi/etc/ssh/sshd_configusedns=no in the config file, although Usedns Yes is commented, the default switch is Yes2, shutting down the GSS authentication on the server authentication Gssapi-with-mic there is a high likelihood of problems, so shutting down GSS authentication can improve the SSH connection speed. # VI/ETC/SSH/sshd_configgssapiauthentication NO3, modify nsswitch.conf file on server # vi/etc/nsswitch.conf find Hosts:files DNS to hosts:fileshosts:files DNS this line means that the host for the access to the order of domain name resolution, is the first access to file, that is,/etc/hosts files, if the hosts do not record the domain name, then access to DNS, domain name resolution, If DNS is also inaccessible, it waits for the access timeout to return, so the wait time is longer. Note: If your server needs to access other servers through a domain name, you need to keep this line. 4, modify the server resolv.conf file 4.1, remove all unused IP in/etc/resolv.conf. 4.2, the nameserver all removed, the problem can also be resolved, but the server will not be able to surf the Internet. 4.3, if the server has been configured with a dual network card, then there will be a line in the file is not currently used IP address, delete the line. 5. Modify the Hosts file on the server to add the client IP and hostname to the/etc/hosts file on server 6, Open the Ignorerhosts parameter on the server ignorerhosts parameter can ignore the previous log on the host's record, set to Yes can greatly increase the connection speed # Vi/etc/ssh/sshd_configignorerhosts Yes--------------------above are set on the server, the following are set on the client-----------------------7, modify the agent hosts file to add the destination server IP and domain name, Enables the native DNS service to resolve the destination address. # vi/etc/hosts192.168.100.11 doiido.com Note: The Hosts file format is ' target server_ip target server_name '. But using this method has a disadvantage if you need to add a domain name resolution to each server. 8, modify the client configuration file ssh_conf (note, not sshd_conf) # vi/etc/ssh/ssh_conf Find gssapiauthentication Yes to gssapiauthentication no
Reprint: Centos/linux fix SSH connection slow