SSH is the most popular and secure method for managing Linux servers remotely. One of the challenges with remote server management is connection speeds, especially when it comes to session creation between the remote and local machines.
There are several bottlenecks to this process, one scenario is when you are connecting to a remote server for the first time; it normally takes a few seconds to establish a session. However, when you try to start multiple connections in succession, this causes an overhead (combination of excess or indirect computation time, memory, bandwidth, or other related resources to carry out the operation).
In this article, we will share four useful tips on how to speed up remote SSH connections in Linux.
1.Use Compression option in SSH
From the ssh man page (type man ssh
to see the whole thing):
-C Requests compression of all data (including stdin, stdout,
stderr, and data for forwarded X11 and TCP connections). The
compression algorithm is the same used by gzip(1), and the
“level” can be controlled by the CompressionLevel option for pro-
tocol version 1. Compression is desirable on modem lines and
other slow connections, but will only slow down things on fast
networks. The default value can be set on a host-by-host basis
in the configuration files; see the Compression option.
ssh -C username@example.com
2.Force SSH Connection Over IPV4
OpenSSH supports both IPv4/IP6, but at times IPv6 connections tend to be slower. So you can consider forcing ssh connections over IPv4 only, using the syntax below:
# ssh -4 username@example.com
The accepted values are “any”, “inet” for IPv4 only, or “inet6”.
AddressFamily inet
3. Reuse SSH Connection
An ssh client program is used to establish connections to an sshd daemon accepting remote connections. You can reuse an already-established connection when creating a new ssh session and this can significantly speed up subsequent sessions.
You can enable this in your ~/.ssh/config file.
ControlMaster auto
ControlPath /home/akhil/.ssh/sockets/ssh_mux_%x_%p_%r
ControlPersist yes
openssh doesn’t support %x(ip address in control paths), use my repo instead
https://github.com/akhilin/openssh-portable.git
or use %h to use hostname instead of ip address
using ip address is recommended so that even if you connect using different hostnames it uses same socket ( very useful when using ansible , pdsh )
4. Use Specific SSH Authentication Method
Another way of speeding up ssh connections is to use a given authentication method for all ssh connections, and here we recommend configuring ssh passwordless login using ssh keygen in 5 easy steps.
Once that is done, use the PreferredAuthentications directive, within ssh_config files (global or user specific) above. This directive defines the order in which the client should try authentication methods (you can specify a command separated list to use more than one method).
PreferredAuthentications=publickey
If you prefer password authentication which is deemed unsecure, use this.
ssh -o "PreferredAuthentications=password" username@example.com
5.Disable DNS Lookup On Remote Machine
By default, sshd daemon looks up the remote host name, and also checks that the resolved host name for the remote IP address maps back to the very same IP address. This can result into delays in connection establishment or session creation.
The UseDNS directive controls the above functionality; to disable it, search and uncomment it in the /etc/ssh/sshd_config file. If it’s not set, add it with the value no
.
UseDNS=no