SyntaxFix

[ssh] Set SSH connection timeout

I'm trying to cut down the time ssh is trying to open a connection to a host. If I put for example ssh www.google.com it takes very long until the prompt comes back.

I read about using ssh -o ConnectTimeout=10 www.google.com instead, but even this takes very long. Is there maybe a number of attemps I can modify to decrease the blocking time?

This question is related to ssh timeout

The answer is

The problem may be that ssh is trying to connect to all the different IPs that www.google.com resolves to. For example on my machine:

# ssh -v -o ConnectTimeout=1 -o ConnectionAttempts=1 www.google.com
OpenSSH_5.9p1, OpenSSL 0.9.8t 18 Jan 2012
debug1: Connecting to www.google.com [173.194.43.20] port 22.
debug1: connect to address 173.194.43.20 port 22: Connection timed out
debug1: Connecting to www.google.com [173.194.43.19] port 22.
debug1: connect to address 173.194.43.19 port 22: Connection timed out
debug1: Connecting to www.google.com [173.194.43.18] port 22.
debug1: connect to address 173.194.43.18 port 22: Connection timed out
debug1: Connecting to www.google.com [173.194.43.17] port 22.
debug1: connect to address 173.194.43.17 port 22: Connection timed out
debug1: Connecting to www.google.com [173.194.43.16] port 22.
debug1: connect to address 173.194.43.16 port 22: Connection timed out
ssh: connect to host www.google.com port 22: Connection timed out

If I run it with a specific IP, it returns much faster.

EDIT: I've timed it (with time) and the results are:

  • www.google.com - 5.086 seconds
  • 173.94.43.16 - 1.054 seconds

The ConnectTimeout option allows you to tell your ssh client how long you're willing to wait for a connection before returning an error. By setting ConnectTimeout to 1, you're effectively saying "try for at most 1 second and then fail if you haven't connected yet".

The problem is that when you connect by name, the DNS lookup can take several seconds. Connecting by IP address is much faster, and may actually work in one second or less. What sinelaw is experiencing is that every attempt to connect by DNS name is failing to occur within one second. The default setting of ConnectTimeout defers to the linux kernel connect timeout, which is usually pretty long.

Source: Stackoverflow.com

Examples related to ssh

Starting ssh-agent on Windows 10 fails: "unable to start ssh-agent service, error :1058" How to solve "sign_and_send_pubkey: signing failed: agent refused operation"? key_load_public: invalid format ssh connection refused on Raspberry Pi Getting permission denied (public key) on gitlab Verify host key with pysftp Can't connect to Postgresql on port 5432 Checkout Jenkins Pipeline Git SCM with credentials? How to open remote files in sublime text 3 how to setup ssh keys for jenkins to publish via ssh

Examples related to timeout

Waiting for Target Device to Come Online Spring Boot Java Config Set Session Timeout How to dispatch a Redux action with a timeout? Spring Boot REST API - request timeout? 5.7.57 SMTP - Client was not authenticated to send anonymous mail during MAIL FROM error How to set timeout in Retrofit library? How to set connection timeout with OkHttp How to modify the nodejs request default timeout time? How to handle ETIMEDOUT error? Timeout for python requests.get entire response

Tags

Header-fields Securityexception Protected-mode Datagridviewtextboxcell Social-graph Procmail Adobe-flash-cs3 Gtkd Radphp Active-pattern Rake-test Spork Clarity Android-photos Xml-builder Review-board Nswindow War-filedeployment Workflow-foundation-4 Visual-studio-shell Infiniband Observer-pattern Printqueue Omnithreadlibrary Testimonials Rjava Protocolexception Web-content Subpixel Fileopendialog Overwrite Buildengine Screen-orientation Pyexcelerator Distribution Loginview Fossil Nspredicate Adium Datamapper Subst Checkout Worker-process Read-eval-print-loop Branch Cyclicbarrier Dataviewmanager Uilocalnotification Groupname Opendata Django-contrib Gslb Officedev Refactorpro Webmethods Label Auto-versioning Rc.exe Baseline Check-digit Createcriteria Quickfix Overload-resolution Nspasteboard Scroll Datahistory Hilbert-curve Prototip Ebcdic Boundfield Logging-application-block Scriptservice Arraycollection Metabase Confluence Graceful-degradation Three20 Gwt Android-lifecycle Pocketpc C++builder-2010 Bitconverter Disposable Cssresource Global-asax Fdopen Widechar Econnect Spawn Lifetime Racing Onunload Tlbexp Sigqueue Thread-local Core-foundation Default-document Xceed Zend-studio Pdostatement