Accelerate login via SSH in Ubuntu 100 times
For a long time, I suffered a terribly slow remote login to my Ubuntu server (all 2 
). Terribly slow in this case - 2-3 seconds. Not that it was completely fatal, but when login through the key - I want everything to work instantly - after all, we don’t have 486SX.
Long googling led only to standard solutions:
It turned out that the Ubuntu file used by our grandfathers for really useful tasks / etc / motd is used very “creatively” - before version 10, motd was regenerated using the crontab task, which performed a bunch of tasks, including checking for updates on the canonical server ( and much more). Disabled via update-motd --disable.
')
In the 10th version, it is already so simply not working, because The motd generation was transferred to PAM modules, which are executed directly at the moment of login and are otzhirat these most precious 2-3 seconds of time, while the user is impatiently looking at the black terminal window. So, take a scalpel:
After that, you can finally edit to taste / etc / motd
In / etc / ssh / sshd_config, see if there is a 'PrintMotd yes' if you still need it.
Done, the login to the server is now instant :-)
Ps. And if you log in with a key, then the RSA key is checked faster than the DSA with an equal length (4 times) - and even on modern hardware, you can see the difference on the 2048 keys.
). Terribly slow in this case - 2-3 seconds. Not that it was completely fatal, but when login through the key - I want everything to work instantly - after all, we don’t have 486SX.Long googling led only to standard solutions:
- UseDNS no in / etc / ssh / sshd_config - speeds up login in case of braking DNS. In my case, there was a local caching DNS, that's why everything was fast.
- Forced indication of IPv4 in the SSH client - didn’t help much, apparently not everyone is slow
It turned out that the Ubuntu file used by our grandfathers for really useful tasks / etc / motd is used very “creatively” - before version 10, motd was regenerated using the crontab task, which performed a bunch of tasks, including checking for updates on the canonical server ( and much more). Disabled via update-motd --disable.
')
In the 10th version, it is already so simply not working, because The motd generation was transferred to PAM modules, which are executed directly at the moment of login and are otzhirat these most precious 2-3 seconds of time, while the user is impatiently looking at the black terminal window. So, take a scalpel:
- In the /etc/pam.d/login and /etc/pam.d/sshd files we cut out the lines “session optional pam_motd.so”
- We demolish the components of paid monitoring installed by default:
aptitude remove landscape-client landscape-common
After that, you can finally edit to taste / etc / motd
In / etc / ssh / sshd_config, see if there is a 'PrintMotd yes' if you still need it.
Done, the login to the server is now instant :-)
Ps. And if you log in with a key, then the RSA key is checked faster than the DSA with an equal length (4 times) - and even on modern hardware, you can see the difference on the 2048 keys.
Source: https://habr.com/ru/post/115942/
All Articles