How to fix a slow SSH login issue on Linux

Question: When I try to connect to a remote SSH server, it takes very long time (30 seconds to 2 minutes) before password prompt appears. Why is SSH login so slow to start, and how can I get rid of long delay in SSH login?

If you have to wait very long for SSH password prompt, there could be several things that may go wrong. To troubleshoot the root cause of slow SSH login, you can run ssh command with "-vvv" option, which will show you what's happening behind the scene during SSH login.

$ ssh -vvv user@<ssh-server>

Here are possible solutions to the delayed SSH login problem.

Disable GSSAPI Authentication

One possible culprit (as indicated in the SSH client log above) is GSSAPI authentication. During SSH login, SSH client goes through a series of authentication steps, and one of them is GSSAPI authentication, where an SSH server contacts a GSSAPI server to validate client authentication. On Linux distros such as CentOS, GSSAPI authentication is enabled by default, and GSS failure can add long delay in SSH session start.

To disable GSSAPI authentication on an SSH server, look for "GSSAPIAuthentication" in /etc/ssh/sshd_config, and edit it or add the line as follows.

$ sudo vi /etc/ssh/sshd_config

GSSAPIAuthentication no

Then restart SSH server:

$ sudo /etc/init.d/ssh restart (Debian, Ubuntu or Linux Mint)
$ sudo systemctl restart sshd (Fedora)
$ sudo service sshd restart (CentOS or RHEL)

Disable Reverse DNS Lookup

Another possibility for slow SSH login is reverse DNS lookup. On Linux distros such as Ubuntu, when an SSH server receives a login request from a client, the server performs reverse DNS lookup of the client's IP address for security reason. If the reverse DNS lookup fails, lookup timeout will add to SSH login delay.

To disable reverse DNS lookups on an SSH server, edit SSH server configuration as follows.

$ sudo vi /etc/ssh/sshd_config

# add this line
UseDNS no

Then restart SSH server:

$ sudo /etc/init.d/ssh restart (Debian, Ubuntu or Linux Mint)
$ sudo systemctl restart sshd (Fedora)
$ sudo service sshd restart (CentOS or RHEL)

Download this article as ad-free PDF (made possible by your kind donation):

Subscribe to Ask Xmodulo

Do you want to receive Linux related questions & answers published at Ask Xmodulo? Enter your email address below, and we will deliver our Linux Q&A straight to your email box, for free. Delivery powered by Google Feedburner.

Support Xmodulo

Did you find this tutorial helpful? Then please be generous and support Xmodulo!

5 thoughts on “How to fix a slow SSH login issue on Linux”


Todor Ivanov on August 22, 2014 at 8:30 am said:

Thanks for the GSSAPI tip. That was my problem with CentOS 6.5.

Brian Kinney on December 19, 2014 at 5:56 pm said:

Thanks! For me it was "UseDNS No" to solve my delays on CentOS 6.6.

Howard Hung on January 15, 2016 at 4:14 pm said:

Thanks! For me it was "UseDNS No" to solve my delays on CentOS 7.0

Bogner on March 8, 2016 at 9:16 am said:

I am using debian7.9 and 8.3.
No problems with 7.9, but in 8.3 I can only effectively make it quick using the "UseDNS No" option, although my DNS is working like it should.
Otherwise I get the 5 second hang between username and password.
GSS already deactivated.
Very Frustrating
- Reply
  
  Joe on May 8, 2016 at 4:21 am said:
  
  Bogner, sshd does REVERSE dns lookups on the connecting ip. Is there proper reverse dns setup for the ip you're connecting from?

Disable GSSAPI Authentication

Disable Reverse DNS Lookup

<img style="vertical-align:middle;height:20px;" src="/images/rss_small.png"> Subscribe to Ask Xmodulo

<img style="vertical-align:middle;height:20px;" src="/images/heart_small.jpg"> Support Xmodulo

Share this FAQ:

5 thoughts on “How to fix a slow SSH login issue on Linux”

Leave a comment Cancel reply

Subscribe to Ask Xmodulo

Support Xmodulo