Alright. I can't believe there isn't a resolution to this problem, though so many seem to have brought it up.
Here are the facts:
1. An internet search shows that a number of users have been frustrated by ssh logins to FreeBSD. The issue is that when connecting to a FreeBSD box via ssh the request for "login as" appears quickly but the request for a password takes a long time.
2. The issue is that the OpenSSH package that comes with FreeBSD seems to do a reverse DNS lookup before requesting a password. The lookup (observable with: tcpdump dst port 53) takes up to 60 seconds.
3. Questions about fixing this issue usually receive one of two answers, neither of which work. The typical answer is to either (i) edit ssh_config to include the line "VerifyReverseMapping no" or (ii) edit ssh config to include the line "UseDNS no". It is widely acknowledged that *neither* solution works.
4. Further, adding your local servers to hosts and making sure that hosts.conf points to the hosts file before dns also does not seem to solve the problem. Though, admittedly, report vary in this regard. (Some say this works, other say it doesn't. For me it hasn't worked.)
4. So, question to the great BSD gurus in the sky is how the !$&#&%&%^ do you solve the frackin' problem. Excuse my language its been buggin' me for more than a week.
Please, please, please don't say "configure named". If BSD with OpenSSH really requires named to make ssh login times bearable, then that's plain silliness.
Also, please, please, please, don't tell me you all put up with the wait time. You would accept that kinda wait from your Crackberries (tm); it would be pure indulgence to accept it from your *nix box.
Cheers,
j.
Here are the facts:
1. An internet search shows that a number of users have been frustrated by ssh logins to FreeBSD. The issue is that when connecting to a FreeBSD box via ssh the request for "login as" appears quickly but the request for a password takes a long time.
2. The issue is that the OpenSSH package that comes with FreeBSD seems to do a reverse DNS lookup before requesting a password. The lookup (observable with: tcpdump dst port 53) takes up to 60 seconds.
3. Questions about fixing this issue usually receive one of two answers, neither of which work. The typical answer is to either (i) edit ssh_config to include the line "VerifyReverseMapping no" or (ii) edit ssh config to include the line "UseDNS no". It is widely acknowledged that *neither* solution works.
4. Further, adding your local servers to hosts and making sure that hosts.conf points to the hosts file before dns also does not seem to solve the problem. Though, admittedly, report vary in this regard. (Some say this works, other say it doesn't. For me it hasn't worked.)
4. So, question to the great BSD gurus in the sky is how the !$&#&%&%^ do you solve the frackin' problem. Excuse my language its been buggin' me for more than a week.
Please, please, please don't say "configure named". If BSD with OpenSSH really requires named to make ssh login times bearable, then that's plain silliness.
Also, please, please, please, don't tell me you all put up with the wait time. You would accept that kinda wait from your Crackberries (tm); it would be pure indulgence to accept it from your *nix box.
Cheers,
j.
