Improving openSSH server performance

From Notes_Wiki

Home > CentOS > CentOS 6.x > OpenSSH server configuration > Improving openSSH server performance

There are various ways of improving SSH server performance. For example on local LAN disabling all types of DNS checks both on server and on client as described on Disabling reverse DNS lookup for openSSH can improve speed significantly. Other performance improvements possible are described in various sub-sections on this page.


Disabling GSSAPI Authentication (Kerebros)

GSSAPI authentication is used by systems like Kerebros so that there is some standardization of client / server authentication which is independent of actual implementation. If GSSAPI authentication mechanisms are not used then one can improve SSH speed by using: 

GSSAPIAuthentication no

This may be particularly useful if when SSHing to server with -v the output pauses for a while after displaying: 

debug1: Unspecified GSS failure.  Minor code may provide more information
No credentials cache found

Please note that this has to be done on SSH client (/etc/ssh/ssh_config) on our machine and SSH server on remote machine (/etc/ssh/sshd_config). Doing above configuration on SSH server of current machine will not have any effect.



Home > CentOS > CentOS 6.x > OpenSSH server configuration > Improving openSSH server performance

Retrieved from "http://www.sbarjatiya.com/notes_wiki/index.php?title=Improving_openSSH_server_performance&oldid=6459"