Ask Your Question

Revision history [back]

click to hide/show revision 1
initial version

There are a few possible explanations for slow SSH connection establishment. The two most likely ones for an Openstack instance are these:

  • It is possible that it is caused by a misconfigured DNS. Apparently sshd by default will attempt to do a reverse DNS lookup on the IP address. If DNS is not working for the instance, the DNS lookup needs to timeout before sshd will continue.

  • It is possible that the instance is short of entropy. sshd typically uses /dev/random relatively heavily when starting up and each time a connection is being established. On a typical system, /dev/random consumes entropy from a pool that is maintained by the OS. This pool is "topped up" from sources of randomness available from the hardware. If the pool is depleted, attempts to read /dev/random will block.

    On a bare metal system, a lot of entropy can be harvested from the hardware. On a virtual machine, the physical hardware sources tend to be hidden from the guest OS. So the rate of replenishing entropy pool can be a lot slower. In extreme cases, this can lead to slow SSH connection establishment.

See also: