long delay when logging in with CentOS7

Solution 1:

In your /etc/ssh/sshd_config on the remote server you should change the option GSSAPIAuthentication to no. Restart sshd and you should be good to go.

edit: GSSAPI (Generic Security Service Application Programming Interface) is essentially an API that utilises Kerberos libraries to provide strong network encrypton. Unless there is a particular reason why you need GSSAPI enabled this method should resolve the issue you are having.

edit2: For clarity, it may also be possible that the reverse DNS check is timing out (specifically checking the connecting hosts' PTR record) . SSH does this check as a matter of course because it acts as a security measure to validate the connecting host.

Saying that, the process does not add much in terms of real security because realistically there's a significant proportion of hosts that do not have a PTR anyway. There are three ways to fix this issue:

1). You can amend the sshd_config file to use the UseDNS no parameter. This will stop the reverse DNS lookup. It is safe to do.

2). Add a PTR record in the appropriate DNS system for the host that's slow in connecting.

3). Add a manual entry into the OS hosts file with the relevant entry.

Hope that helps!

Solution 2:

This sounds like a DNS issue - during a log-in attempt, a reverse DNS lookup is performed to provide the remote hostname in the auth logs.

Check to ensure that the server does not have an unresponsive resolver in the /etc/resolv.conf file.

Tags:

Ssh

Centos7