Ubuntu Distribution & ssh & nameserver

Hi,

I’m curious to know why it takes 10 seconds to log in with ssh when /etc/resolv.conf is empty. And when there is something, it takes less than 1 second to log in!

Micka,

Greetings,

Hi,

I'm curious to know why it takes 10 seconds to log in with ssh when
/etc/resolv.conf is empty. And when there is something, it takes less than
1 second to log in!

    It is due to DNS lookups and Logging.

    When you log in, a record of your login attempt is logged into /var/log/secure (or some equivalent log file). The log entry will show the hostname which you are coming FROM. Hence, a DNS lookup must take place to resolve the IP address you came from into a fully qualified domain name (FQDN) - 216.86.85.226 --> k2.nuge.com.

    If /etc/resolv.conf has a 'nameserver' entry, and that DNS server is indeed reachable and responding to queries, then the DNS lookup and subsequent logging occurs VERY rapidly. If there is no 'nameserver' entry, or the listed nameserver is not reachable, then the DNS reverse lookup has to time out (which takes several seconds), and the log entry will then ONLY contain the IP address instead of the FQDN. There is your 10 second delay :(

    If you are not going to have a valid DNS server listed in /etc/resolv.conf, then I highly recommend that you create a list of the most common IP addresses you will be SSHing in from, and add them to your /etc/hosts file. /etc/hosts is tested FIRST before /etc/resolv.conf and any matching entry there will be used rather than attempt to perform a DNS lookup.

    So... if you most commonly log in from a couple hosts on your local LAN, and maybe a workstation at work, entries such as shown below could be entered into your /etc/hosts file:

192.168.1.100 workstation-1
192.168.1.101 workstation-2
216.86.85.226 PC-at-work

    Hope this helps,
       --- Jay Nugent WB8TKL
           Instructor, Washtenaw Community College - Ann Arbor, MI
           CIS-121, 206, 208 UNIX/Linux System Administration

Yes, that was perfect, thank you!

The fix I found was in /etc/ssh/sshd_config:


UseDNS no
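
The decision path described in this thread, as an added example that is not part of any post above: it reads the text of sshd_config, resolv.conf and /etc/hosts and reports which branch a login from a given client address would take. The function names, the result labels and the sample file contents are constructed for illustration; it assumes the usual `hosts: files dns` order in /etc/nsswitch.conf and, to match the behaviour in the thread, treats an unset `UseDNS` as `yes` (newer OpenSSH releases default to `no`).

```python
import ipaddress

def sshd_option(config_text, keyword, default):
    """Global value of an sshd_config keyword; the first occurrence wins."""
    for raw in config_text.splitlines():
        parts = raw.split("#", 1)[0].replace("=", " ", 1).split(None, 1)
        if not parts:
            continue                          # blank or comment line
        if parts[0].lower() == "match":       # global section ends here
            break
        if parts[0].lower() == keyword.lower() and len(parts) == 2:
            return parts[1].strip().lower()
    return default

def nameservers(resolv_text):
    """Addresses on active 'nameserver' lines of resolv.conf."""
    rows = (line.split() for line in resolv_text.splitlines())
    return [f[1] for f in rows if len(f) >= 2 and f[0] == "nameserver"]

def hosts_name(hosts_text, client_ip):
    """First name /etc/hosts maps client_ip to, or None."""
    target = ipaddress.ip_address(client_ip)
    for raw in hosts_text.splitlines():
        fields = raw.split("#", 1)[0].split()
        try:
            if len(fields) >= 2 and ipaddress.ip_address(fields[0]) == target:
                return fields[1]
        except ValueError:
            continue                          # first field is not an address
    return None

def diagnose(sshd_text, resolv_text, hosts_text, client_ip, usedns_default="yes"):
    """Return 'no-lookup', 'hosts:<name>', 'dns' or 'timeout-risk'."""
    if sshd_option(sshd_text, "UseDNS", usedns_default) != "yes":
        return "no-lookup"                    # sshd never resolves the client
    name = hosts_name(hosts_text, client_ip)
    if name:
        return "hosts:" + name                # answered locally, no DNS query
    if nameservers(resolv_text):
        return "dns"                          # fast only if the server answers
    return "timeout-risk"                     # the 10 second case in the thread

# Constructed sample file contents (not taken from a real host).
SSHD_DEFAULT = "Port 22\n#UseDNS no\n"
SSHD_FIXED = "Port 22\nUseDNS no\n"
HOSTS = "127.0.0.1 localhost\n192.168.1.100 workstation-1\n"
RESOLV = "nameserver 192.0.2.53\n"

if __name__ == "__main__":
    for ip in ("192.168.1.100", "216.86.85.226"):
        print(ip, diagnose(SSHD_DEFAULT, "", HOSTS, ip), diagnose(SSHD_FIXED, "", HOSTS, ip))
```

With `UseDNS no`, sshd matches only addresses, not host names, in `from=` restrictions in authorized_keys and in `Match Host` blocks, so review those for host name patterns before applying the setting.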