Help Center/ Elastic Cloud Server/ Troubleshooting/ SSH Connection Issues/ Why Does It Takes a Long Time to Connect to an ECS Using SSH After UseDNS Is Enabled?
Updated on 2024-08-15 GMT+08:00

Why Does It Takes a Long Time to Connect to an ECS Using SSH After UseDNS Is Enabled?

Symptom

It takes a long time to connect to an ECS using SSH.

Possible Causes

After the UseDNS option is enabled for the sshd service on the SSH server, when a client attempts to connect to the server using SSH, the server performs a DNS PTR reverse query to obtain the client's host name based on the client's IP address, and then performs a DNS forward A record query based on the client's host name, and check whether the two IP addresses are the same. This is a measure to prevent client spoofing. But in general, dynamic IP addresses do not have PTR records. Therefore, you are advised to disable this option.

You can run the following command to check whether UseDNS is enabled:

grep UseDNS /etc/ssh/sshd_config

If the value is yes or the line is commented out, UseDNS is enabled. Disable UseDNS by performing the following operations.

Solution

  1. Edit the /etc/ssh/sshd_config file:

    vi /etc/ssh/sshd_config

  2. Change the value of UseDNS to no.
    UseDNS no
  3. Restart the sshd service.
    • CentOS 6

      service sshd restart

    • CentOS 7 or EulerOS

      systemctl restart sshd