SSH servers perform a reverse DNS lookup on the incoming connection's IP address during each login attempt. This is intended to verify the hostname associated with the IP, potentially enhancing security and logging accuracy. However, this process often causes delays, as the server waits for DNS resolution before presenting the login prompt.
These delays can be inconvenient, especially when quick access to the server is essential. Disabling the reverse DNS lookup can reduce login times, making the SSH experience faster and more efficient without sacrificing necessary functionality.
To disable this feature, you need to modify the UseDNS directive in the SSH server's configuration file. By setting UseDNS to no, the server will skip the reverse DNS lookup, thus speeding up the login process.
UseDNS
Specifies whether sshd(8) should look up the remote host name
and check that the resolved host name for the remote IP address
maps back to the very same IP address. The default is “yes”.
Steps to disable reverse DNS lookup in SSH:
- Open the terminal application.
- Open the sshd configuration file using a text editor.
$ sudo vi /etc/ssh/sshd_config
[sudo] password for user:
- Locate the UseDNS directive within the file.
- Set UseDNS to no.
UseDNS no
Add the line if it doesn't already exist and remove # at the beginning of the line if the existing line starts with #.
- Save the changes and exit the text editor.
- Restart the SSH server to apply the new settings.
$ sudo systemctl restart sshd
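The steps above as a script, added here as an example and not part of the original article; it assumes a POSIX shell with awk, and disable_usedns is a hypothetical helper name. It covers two cases a manual edit can miss: sshd uses the first value it finds for a keyword, and global options belong before the first Match block.

```shell
#!/bin/sh
# Added example: idempotently set "UseDNS no" in an sshd_config-style file.

# disable_usedns FILE  (hypothetical helper)
# Rewrites FILE so it holds exactly one active "UseDNS no" line in the
# global section, and keeps the previous version as FILE.bak.
disable_usedns() {
    cfg=$1
    tmp=$(mktemp) || return 1
    awk '
        # Existing directive, active or commented out (keywords are
        # case-insensitive): replace the first, drop later duplicates.
        tolower($0) ~ /^[ \t]*#?[ \t]*usedns[ \t=]+"?(yes|no)"?[ \t]*$/ {
            if (!done) { print "UseDNS no"; done = 1 }
            next
        }
        # No directive seen yet: insert it before the first Match block.
        !done && tolower($0) ~ /^[ \t]*match[ \t]/ {
            print "UseDNS no"; done = 1
        }
        { print }
        # No directive and no Match block: append at the end.
        END { if (!done) print "UseDNS no" }
    ' "$cfg" > "$tmp" || { rm -f "$tmp"; return 1; }
    # cat into the original so its owner and permissions are preserved.
    cp "$cfg" "$cfg.bak" && cat "$tmp" > "$cfg"
    rm -f "$tmp"
}

# Demonstration on a constructed sample file, not a real server config.
sample=$(mktemp)
printf '%s\n' 'Port 22' '#UseDNS yes' \
    'Match User backup' '    X11Forwarding no' > "$sample"
disable_usedns "$sample" && cat "$sample"
rm -f "$sample" "$sample.bak"

# On a real host, run as root and validate before restarting, so a
# syntax error cannot take the SSH service down:
#   disable_usedns /etc/ssh/sshd_config \
#     && sshd -t -f /etc/ssh/sshd_config \
#     && systemctl restart sshd
```

With UseDNS set to no, only addresses, not host names, can be used in authorized_keys from= restrictions and in Match Host rules.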
Mohd Shakir Zakaria is an experienced cloud architect with a strong development and open-source advocacy background. He boasts multiple certifications in AWS, Red Hat, VMware, ITIL, and Linux, underscoring his expertise in cloud architecture and system administration.