helper.sh
自動
日本語
English 日本語 简体中文 繁體中文

System maintenance

optimize_centos7_ssh.sh

Designed for legacy CentOS 7 hosts where SSH login is slow because the daemon waits on reverse DNS lookup, GSSAPI negotiation, or IPv6 fallback. The script backs up sshd_config, enforces the recommended settings, validates the syntax, and then restarts sshd.

ワンライナー

curl -fsSL helper.sh/optimize_centos7_ssh.sh | sudo bash
curl -fsSL -o optimize_centos7_ssh.sh helper.sh/optimize_centos7_ssh.sh && sudo bash optimize_centos7_ssh.sh

実行条件

  • CentOS 7 or similar OpenSSH host
  • root privileges or sudo
  • /etc/ssh/sshd_config present
  • systemctl or service command

適用場面

  • Shorten slow SSH login caused by reverse DNS lookup
  • Disable GSSAPI auth on hosts that do not use Kerberos
  • Standardize SSH latency tuning during CentOS 7 maintenance

主なポイント

  • Creates a timestamped backup before editing sshd_config
  • Sets UseDNS no, GSSAPIAuthentication no, and AddressFamily inet idempotently
  • Runs sshd -t before restart so bad config does not get applied blindly

推奨手順

  1. Fetch the script from helper.sh with curl.
  2. Run it as root or through sudo.
  3. Let the script back up, update, validate, and restart sshd.
  4. Reconnect with SSH and confirm the login delay is gone.

注意事項

  • Review the raw script first if the host is production-critical.
  • If the server depends on Kerberos or IPv6-only connectivity, do not apply these defaults blindly.
  • Keep an existing SSH session open while testing the restart.

関連記事

How to speed up slow SSH login on CentOS 7 before deeper troubleshooting

A practical guide to using optimize_centos7_ssh.sh when an old CentOS 7 host pauses too long before the SSH password prompt because of reverse DNS, GSSAPI, or IPv6 fallback.

記事を見る

関連トピック

CentOS 7 maintenance and recovery

Keep legacy CentOS 7 hosts installable and maintainable when yum repositories fail, mirrors expire, or Docker data needs to be moved off a crowded disk.

トピックを見る

問題ページ

Why is CentOS 7 SSH login so slow

The usual causes are reverse DNS lookup, GSSAPI auth negotiation, and sometimes IPv6 fallback. Disable those waits before doing deeper SSH troubleshooting.

ページを見る