How to disable reverse DNS lookup in SSH
SSH server is by default configured to perform a reverse DNS lookup of your IP address every time you try to log in to the server. It could slightly improve logging and security but would significantly increase login time.
Related: How to speed up SSH authentication
The login prompt could take a while to appear when reverse DNS lookup is enabled on the server, as the server will perform a reverse DNS lookup on the incoming IP address before presenting the login prompt.
You can fix this issue by disabling the UseDNS directive on the SSH server from the terminal.
UseDNS
Specifies whether sshd(8) should look up the remote host name
and check that the resolved host name for the remote IP address
maps back to the very same IP address. The default is “yes”.
Steps to disable reverse DNS lookup in SSH:
- Launch terminal application.
- Open SSHd configuration file using a text editor.
$ sudo vi /etc/ssh/sshd_config [sudo] password for user:
- Search for UseDNS directive and set the value to no.
UseDNS no
Add the line if it doesn't already exist and remove # at the beginning of the line if the existing line starts with #.
- Reload or restart SSH server service.
$ sudo systemctl restart sshd
Guide compatibility:
| Operating System |
|---|
| Ubuntu Linux |
| Debian Linux |
| Red Hat Enterprise Linux |
| Fedora Linux |
| CentOS Linux |
| openSUSE Linux |
| SUSE Linux Enterprise Server |
| FreeBSD |
| OpenBSD |
| NetBSD |
| macOS |
Cloud architect by profession but always consider himself as a developer, entrepreneur and an opensource enthusiast.
Comment anonymously. Login not required.
