Why does SSH take so long to connect?

If you have to wait very long for SSH starts authenticating, there could be several things that may go wrong.

Disable Reverse DNS Lookup

A common problem on the server is if you're connecting from a client for which reverse DNS lookups time out.

A “reverse DNS lookup” means getting back from the client machine's IP address to a host name. It isn't really useful for security, only slightly helpful to diagnose breaking attempts from log entries, but the default configuration does it anyway.

To disable reverse DNS lookups on an SSH server, edit SSH server configuration as follows.

$ sudo vi /etc/ssh/sshd_config # add this line UseDNS no

Then restart SSH server:

$ sudo /etc/init.d/ssh restart (Debian, Ubuntu or Linux Mint) $ sudo systemctl restart sshd (Fedora) $ sudo service sshd restart (CentOS or RHEL)

Disable GSSAPI Authentication

Another thing that can go wrong is GSSAPI authentication timing out. If you don't know what that is, you're probably not relying on it.

On Linux distros such as CentOS, GSSAPI authentication is enabled by default, and GSS failure can add long delay in SSH session start.

To disable GSSAPI authentication on an SSH server, look for "GSSAPIAuthentication" in /etc/ssh/sshd_config , and edit it or add the line as follows.

$ sudo vi /etc/ssh/sshd_config GSSAPIAuthentication no

Then restart SSH server:

$ sudo /etc/init.d/ssh restart (Debian, Ubuntu or Linux Mint) $ sudo systemctl restart sshd (Fedora) $ sudo service sshd restart (CentOS or RHEL)