Table of Contents

Fix slow SSH connections (delays) on Mac OS X

SSH connections on Mac OS X are sometimes very slow (long delays) although it's instantaneous on Linux. Modifying an option in the configuration files fixes this injustice.

Update Client Configuration

sudo vi /etc/ssh_config

Replace this line: 

# GSSAPIKeyExchange yes

by: 

GSSAPIKeyExchange no

Don't forget to remove the sharp!

Update Server Configuration

sudo vi /etc/sshd_config

Replace this line: 

#UseDNS yes

by: 

UseDNS no

Again, don't forget to remove the sharp. That's it !

Note

May be you're not enthusiastic about hacking your SSH configuration files. Another solution is to add the IP addresses you're going to connect to (or which are going to connect to your mac) in /etc/hosts.

Created: February 11, 2008  
 

Ivanoats
October 05, 2007

are there any security implications, or is this just pure speed man
 

topfunky
October 06, 2007

Yikes, that's much faster. I use ssh frequently for application deployment, maintenance, and git SCM, so this will really speed up my workflow.
 

Maestric
October 06, 2007

I don't think it creates any security issues, but I'm not a network guru. Actually, it should be like that by default:

GSSAPIKeyExchange
Specifies whether key exchange based on GSSAPI is allowed. GSSAPI key exchange doesn’t rely on ssh keys to verify host identity. The default is ‘‘no’’. Note that this option applies to protocol version 2 only.

Reference:
http://www.opensourcemanuals.org/manual/sshd_config/synopsis
 

Age
October 08, 2007

This addresses the symptoms but not the underlying problems. If turning off DNS works, you're reverse DNS is broken. The GSSAPI stuff is a good thing long term, which is why it was enabled by default -- make sure the sshd on the servers your connecting to is up to date. If these are beyond your control, these config changes will help, but know what you're giving up.
 

Maestric
October 09, 2007

Age, you seem to have a good idea of what is this "GSSAPI stuff" and how it works. Could you please give us more details about "good thing long term" and what we're "giving up"?
 

Munkey
November 28, 2007

I had a problem where SSH connections would be really slow after passing login credentials. Eventually (sometimes after as much as 10+ minutes) I would be connected. I also noticed that X11 was loading all the time, and I couldn't see what app would be causing it. Eventually I figured out the fix to both. /etc/ssh_config had the line "ForwardX11 yes". I changed it to "ForwardX11 no" and both problems went away. Apparently X11 auth was hanging when I'd ssh to some hosts.
 

John
March 07, 2008

This solution worked great for me! Thank you! I only had to change the server's sshd_config file. I am sshing from a linux box.
 
write a message
Name


City


Email (won't be displayed)




Antispam: enter the current year (2008)