Speeding up SSH connections

Suggestion 1: Resolving SLOW Login by turning off reverse DNS Lookup for OpenSSH

If you are facing slow login times, it might be due to reverse DNS is not responding quick enough. This system can show up on your log file

# tail -50 /var/log/secure

You will notice that there is a time lag from accepting the key to opening a session

Sep  6 10:15:42 santol-h00 sshd[4268]:
Accepted password for root from port 51109 ssh2

Sep  6 10:15:52 santol-h00 sshd[4268]: pam_unix(sshd:session):
session opened for user root by (uid=0)

To fix the issue, you should modify the /etc/ssh/sshd_config file

# vim /etc/ssh/sshd_config

At /etc/ssh/sshd_config, change UseDNS  no

#ShowPatchLevel no
UseDNS no
#PidFile /var/run/sshd.pid

Restart the ssh service

# service sshd restart

Feel the login speed 🙂

Suggestion 2: Speeding up multiple ssh connections with ControlMaster

I’m assuming you are using OpenSSH 4.

If you are make multiple connections to the same server, you can enables the sharing of multiple sessions over a single network connections. In other words, the additional sessions will try to reuse the master instance’s connection rather than initiating new ones.

Step 1: Create a config file in your ~/.ssh directory. Make sure the permission is readable and writable by the owner only ie permission of 600

Step 2: Add the following lines

Host *
   ControlMaster auto
   ControlPath ~/.ssh/master-%r@%h:%p

ControlMaster auto Tries to start a master if there is no existing connection
or it will use an existing master connection.

ControlPath is the location socket for the ssh processes to communicate among
themselves. The %r, %h and %p are replaced with your user name, the host to which
you’re connecting and the port number—only ssh sessions from the same user to
the same host on the same port can or should share a TCP connection,
so each group of multiplexed ssh processes needs a separate socket.

Step 3a: To test the configuration, start an ssh session and keep it connected, you should see something like

debug1: setting up multiplex master socket
debug1: channel 0: new [client-session]

Step 3b: Launch another ssh connection to a the same server with the same userid

debug1: auto-mux: Trying existing master

Much of the materials come from  Speed Up Multiple SSH Connections to the Same Server (Linux Journal).

Suggestion 3: Speeding and Compressing X forwarding Traffic

To run the an X application over SSH connection, you can use the

$ ssh -X user@computername.com

Do note that for the remote Server shich you are connecting to must have X forwarding enabled. To configure, go to /etc/ssh/ssh_config/

X11Forwarding yes

If the SSH is setup with trusted X11 Forwarding ie in the /etc/ssh/ssh_config file,

ForwardX11Trusted yes

You can compress and speed up the X forwarded connection

$ ssh -Y -C user@computername.com
  • -Y to enable trusted X11 forwarding. Trusted X11 forwardings are not subjected to the X11 SECURITY extension controls. So it will boost speed.
  • -C to compress the data

Suggestion 4: Tuning TCP/IP and Patching SSH with HPN-SSH

Good read-up to tune your SSH connections.

  1. High Performance Data Transfers on TCP/IP
  1. High Performance SSH/SCP – HPN-SSH

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.