Why is my SSH login slow ? Simple guide to fix it.

Here in this post you can find a simple solution to fix SSH login slow.

Slow SSH login on RHEL7 can be caused by various factors, including DNS resolution, reverse lookups, PAM configurations, or network latency. Here’s a step-by-step guide to troubleshoot and resolve the issue:

Steps to fix ssh login slow:

1. Check DNS Resolution Issues

SSH may perform reverse DNS lookups by default, causing delays if the DNS server is slow or unreachable.

A. Disable DNS Reverse Lookup

• Edit the SSH configuration file:

sudo vi /etc/ssh/sshd_config

Add or update the following line:

UseDNS no

Save the file and restart the SSH daemon:

sudo systemctl restart sshd

B. Verify Hostname Resolution

• Ensure the server’s hostname is correctly mapped in /etc/hosts:

127.0.0.1 localhost
192.168.x.x your-hostname

2. Check for GSSAPI Authentication Delays

GSSAPI (Kerberos) authentication can slow down SSH login if not configured properly.

• Edit the SSH configuration:

sudo vi /etc/ssh/sshd_config

Disable GSSAPI-related options:

GSSAPIAuthentication no
GSSAPICleanupCredentials no

Save the file and restart SSH:

sudo systemctl restart sshd

3. Optimize PAM (Pluggable Authentication Module) Settings

PAM modules, such as delay-inducing password checks or environment setups, can impact login times.

• Review /etc/pam.d/sshd for unnecessary modules.
• Disable or reconfigure any non-essential modules.

4. Check SSH Key Authentication

• If you are using key-based authentication:
  • Ensure the private key is not encrypted with a passphrase (or use ssh-agent to cache passphrases).
  • Test the key exchange manually for delays:

ssh -vvv user@hostname

5. Inspect SELinux and Firewall

A. SELinux

• Ensure SELinux is not causing delays by logging denials:

sudo ausearch -m AVC -ts recent

If necessary, temporarily disable SELinux to test:

sudo setenforce 0

B. Firewall

• Check if firewalld or iptables rules are delaying connections:

sudo firewall-cmd --list-all

6. Analyze System Logs

• Inspect /var/log/secure or /var/log/messages for SSH-related errors or delays:

sudo tail -f /var/log/secure
sudo tail -f /var/log/messages

7. Test Network Latency

• Ensure network latency is not the root cause

ping -c 4 <client-ip>
traceroute <client-ip>

8. Miscellaneous Configurations

• Increase SSH logging for debugging:

sudo vi /etc/ssh/sshd_config

LogLevel DEBUG

Restart SSH:

sudo systemctl restart sshd

If NTP synchronization issues exist, correct the time settings:

sudo timedatectl set-ntp true

9. Final Optimization

• Ensure the SSH server is running the latest version:

sudo yum update -y openssh-server

Consider optimizing sshd configurations further based on system requirements:

ClientAliveInterval 30
ClientAliveCountMax 3

By systematically addressing these factors, you can resolve ssh login slow issues on RHEL7.