Slow SSH Establishment

Go to helpful replies
Martin2
Contributor

‎03-22-2024 02:20 PM

I have Bell Fibre Internet into a new condo in a new building in Toronto.  For work, I use command-line SSH to tunnel into Linux servers.  The initial connection establishment typically takes 8 to 10 seconds (it seems to hang).  Once the connection is established the speed is great.

 

Has anyone on here experienced the same problem and have a solution?

I phoned Bell about the issue and they tried changing my DNS servers, which never helped.  They also sent me a brand new modem (but the other modem was brand new too), and that never helped.  They told me their engineering team was aware of the issue and would be fixed in 2 weeks.  That was over 2 months ago.  I phoned Bell again recently and they escalated me to what I was told is the "highest level technical support team", to which I had to explain the entire problem again to them, and they told me that they had never heard of "SSH" and that they don't support this type of technical help request.

 

 

0 Likes
0 8 1,045
1 helpful reply

Accepted Solutions

Go to helpful replies
Vanadiel
Community All-Star
Community All-Star

‎03-22-2024 03:59 PM - edited ‎03-22-2024 03:59 PM

Check your SSH config to see if it requires reverse DNS.

Most Bell routing points do not have the configuration for both forward(A) and reverse(PTR) records, leading to this issue with SSH if you have the (default) option enabled to perform a forward and reverse DNS record check.

You can check this for yourself when doing a traceroute to the remote SSH server. You will see the IP's of various Bell routing points, and usually the first 2 or so do not have a DNS record associated with them. The ones after that will have a DNS record associated with them.

I am thinking your initial delay has to do with the inability to perform the forward and reverse DNS record check.

I am a Community All-Star and customer. I'm here to help by sharing my knowledge and experience. My views on Bell and the Community Forum are my own and not the views of Bell or any of its affiliates.

View reply in original post

0 Likes
8 REPLIES 8

Go to helpful replies
Vanadiel
Community All-Star
Community All-Star

‎03-22-2024 03:59 PM - edited ‎03-22-2024 03:59 PM

Check your SSH config to see if it requires reverse DNS.

Most Bell routing points do not have the configuration for both forward(A) and reverse(PTR) records, leading to this issue with SSH if you have the (default) option enabled to perform a forward and reverse DNS record check.

You can check this for yourself when doing a traceroute to the remote SSH server. You will see the IP's of various Bell routing points, and usually the first 2 or so do not have a DNS record associated with them. The ones after that will have a DNS record associated with them.

I am thinking your initial delay has to do with the inability to perform the forward and reverse DNS record check.

I am a Community All-Star and customer. I'm here to help by sharing my knowledge and experience. My views on Bell and the Community Forum are my own and not the views of Bell or any of its affiliates.
0 Likes

Go to helpful replies
Martin2
Contributor
In response to Vanadiel

‎03-22-2024 04:13 PM

I'm on Mac book and in my /etc/ssh/sshd_config I have "UseDNS no".  I'm not sure what steps I should take other than that.  

0 Likes

Go to helpful replies
Vanadiel
Community All-Star
Community All-Star
In response to Martin2

‎03-22-2024 05:47 PM

That should be about it as far as I know.

I am a Community All-Star and customer. I'm here to help by sharing my knowledge and experience. My views on Bell and the Community Forum are my own and not the views of Bell or any of its affiliates.
0 Likes

Go to helpful replies
leb1
Contributor

‎03-30-2024 11:30 PM

I have  the same issue with ssh.  Over Bell Fibe takes at least 10 seconds. Let me know if anybody figures this out.

0 Likes

Go to helpful replies
Martin2
Contributor
In response to leb1

‎03-31-2024 12:14 PM

Hi leb1,

If you have access to the sshd_config on your server (/etc/sshd/sshd_config) ensure you have set "UseDNS no"

This worked for me.  This is still a Bell issue though.  We shouldn't have to modify server settings just because an ISP is doing something unconventional and they won't fix it.  I've been ssh'ing for three decades into Linux servers and never once had an issue until I used Bell Fibe at home.  Whatever it is Bell is doing (I don't care to know the technical aspects, I'm busy with my own stuff), they shouldn't be doing.

Happy Easter

 

 

0 Likes

Go to helpful replies
Vanadiel
Community All-Star
Community All-Star
In response to Martin2

‎03-31-2024 12:39 PM

It's because the first 1 or 2 routing points do not have RDNS records. SSH default config does a forward and reverse DNS lookup, which will fail.

It's a common issue.

I am a Community All-Star and customer. I'm here to help by sharing my knowledge and experience. My views on Bell and the Community Forum are my own and not the views of Bell or any of its affiliates.
0 Likes

Go to helpful replies
leb1
Contributor

‎04-12-2024 11:28 PM

I've been ssh'ing for decades too and never faced this issue till Bell Fibe. Rogers is fine.

But good news is Bell appears to have fixed the issue. Just tested several ssh connections to Linux servers and logon lightening fast now. I  made no changes server side (as recommended by Martin1).

Go to helpful replies
sman
Contributor
In response to Martin2

‎04-22-2024 12:19 PM

Just switched to Bell from rogers and noticed this exact issue on one of my server.  I had to add UseDNS NO to the server to make ssh connection not take 30 seconds.

Weird that this had to be configured on one of the server while the other servers were fine.

Never had I had any SSH issue with Rogers.

0 Likes