Hi Nik, Dr. Nikolaus Klepp writes:
> Anno domini 2019 Mon, 11 Feb 10:51:09 +0100 > Didier Kryn scripsit: >> Le 10/02/2019 à 18:19, Arnt Karlsen a écrit: >> >> >> >> There's nothing in the logs. It just takes verry long to start. >> >> >> Tried to set LogLevel in sshd_config? >> >> or launch sshd with the -d option ? >> >> >> Didier > > Hi! > > The problem only exists if all of these conditions are met: > > - kernel 4.19. from beowulf > - network up, but DNS of ISP not reacting in time or dhcpcd did not get a > lease > - sshd_config has "UseDNS yes" > - first try to start sshd after boot > > The problem is solved by "UseDNS no" in sshd_config. I've turned that off at the office because our DHCP clients were not getting registered with the corporate DNS server(s). Made SSH client connections slow as molasses. > Now that sshd uses DNS on first startup is quite surprising - at least > it was for me. That UseDNS defaults to "yes" is not that surprising (it's a way to catch spoofing attempts), but I fail to understand why it would slow down the server's startup ... or, wait, I've seem something similar before ... a service trying to connect to an SMTP server at start up (if configured to use email notifications). So I'm guessing sshd tries to connect to a DNS server when this option is on to make sure DNS can be used. Perhaps it shouldn't and just try to resolve on a per request basis, seeing as service availability may come and go at any given time for a number of reasons. Hope this clarifies a bit, -- Olaf Meeuwissen, LPIC-2 FSF Associate Member since 2004-01-27 GnuPG key: F84A2DD9/B3C0 2F47 EA19 64F4 9F13 F43E B8A4 A88A F84A 2DD9 Support Free Software https://my.fsf.org/donate Join the Free Software Foundation https://my.fsf.org/join _______________________________________________ Dng mailing list [email protected] https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng
