Dropbear configuration - slow initial connection


New Member

I have installed the dropbear service, and initially thought it was broken as the server did not respond. Once I became patient enough I realised that the server was simply taking a long time to respond to the connection request. The problem appears to be related to a reverse DNS look up. See question 359344 on superuser.com (No link because I am a new user here).

I have verified that this is the issue by adding a suitable IP address and hostname to the /tmp/hosts file. Unfortunately this file is reset on reboot, and since I use DHCP it is likely that my client IP address will change.

The _config file appears to be a custom format for the hummy. Is there a full description of the options for this file, and is there a "UseDNS no" option?

As an aside, I notice that the IP address for humax in the hosts file does not match the fixed IP address I have manually configured for the hummy via the network settings menu. Is this an issue?


What are you trying to achieve? There is usually more than one way to skin a cat.

For example: a startup script could recreate the hosts file at boot time, and there is no difficulty fixing the IP address - see HERE (click).
His Humax IP address is already fixed, but that isn't the issue, it is the client addresses.

I have exactly the same problem. SSH will not connect unless the IP address of the client is in the hosts file. This appears to be reset upon boot and yes you could have a script to recreate it, but unless you know that you always use specific clients with known IP addresses then what do you put in the file?
Any persistent entries that you want can already be put in /mod/etc/hosts

Disabling reverse DNS in dropbear might require a package update though. I'll look into it.

Posted on the move; please excuse any brevity.
His Humax IP address is already fixed, but that isn't the issue, it is the client addresses.
If the client address is on the local network, it can be fixed the same way we fix the Humax address, but I admit I have no idea what all this is about. My previous question "what are you trying to achieve" remains relevant.
It can be fixed in the same way, but it may not be advantageous to do so dependent on the nature of the device. Mobile devices are often better left on DHCP because, well, they're mobile (!) and then easily pick up an address off whatever network they're connected to rather than risk an IP address conflict, or being static on the wrong subnet in the first place, hence no connection at all. I have exactly this problem using my iPad to SSH into my HDR.
Although DHCP, they can still be given a fixed address on any particular network by configuring the router. Your iPad, for example, can continue to operate DHCP but be allocated the same IP address each time - as per the link in post 3.
I am trying to achieve fast ssh connections to my Hummy from any client on my local home network.

Using a fixed IP address on the client is not possible as the client travels. I recently scrapped my last home desktop machine so now all home clients are laptops, tablets or smart phones.
I have a DSL-G624M router that does not support static IP assignment to clients (as far as I can tell - feel free to tell me if I'm wrong).

Thanks af123 for the /mod/etc/hosts tip. I have now created this file, added the current DHCP address of my client, and hey presto, it gets added to the /tmp/hosts file on reboot.

The ultimate solution is to disable reverse DNS look up, so I look forward to any possible package updates.
I have a DSL-G624M router that does not support static IP assignment to clients (as far as I can tell - feel free to tell me if I'm wrong).
I don't know specifically, but this doesn't seem likely at first sight. If you dive into the control panel web page you are likely to find an infinite lease or infinite timeout setting for the particular network device's MAC address. This will allow you to freeze the IP address handed out to that MAC on DHCP request, if not actually decide what it should be.
Try the new dropbear-ssh package - version 2013.59

Thanks. I have removed the /mod/etc/hosts file and updated to the new package, and can now connect via ssh without the delay.
I notice that no new configuration lines have been added to the _config file. Although I'm happy, how will other users enable the reverse DNS lookup feature?
The default behaviour of recent versions of dropbear is to skip reverse DNS lookups. It can be changed but it's a compile-time option. I can't see why anyone would want or need this on a box like this though.
The manual at http www dlink com/-/media/Consumer_Products/DSL/DSL G624M/Manual/DSL_G624M_Manual_EN_UK.pdf certainly doesn't mention it and talks about configuring static IP addresses on the client. Only possibility is that the maximum value of lease time isn't documented; maybe there is an infinite option.

Some routers let you assign a fixed IP address to a particular MAC address, some (many?) don’t. The manual at the link you have posted suggests your router falls into this latter class, unless the feature is buried in some menu somewhere and not documented: look for a checkbox or something along the lines of “Always use this address” if you can find somewhere to edit the names of the devices associated with the MAC addresses.

Items that stay permanently on that router’s network can easily (bar problems with the router firmware) be given fixed IP addresses (by reducing the DHCP pool, if necessary, and manually configuring the devices with addresses outside of the DHCP pool).

Devices that “wander” between networks in the WiFi sense could be trickier in some cases: but I note that it appears that my Android phone at least would allow me to configure the options (DHCP or fixed) on a per SSID basis.

Devices that “wander” between networks in the “plugged in via an Ethernet cable” sense are going to be a lot harder if there is only one physical network interface (NIC) on the device… The only option I can think of when there is a single NIC is to setup two LAN profiles, only one of which is enabled at any one time and toggle between them, or to modify a single one on the fly to be DHCP or not. For a laptop you could try adding a second USB Ethernet adapter, it should, I believe, for most OS, use which ever appears to be plugged in (needs to be tested).

There is also the option of trying to find a router that does support fixed IP address assignment under DHCP and using that as your DHCP server instead (i.e. disable DHCP on G624M if you want to keep it for the rest of its functionality). I have three DSL routers running this way at home (one runs DHCP and connects the internet; the other two allow “decent” Wifi coverage in various corners of the house - all three are old).

I think the problem with the “lease time scenario” is that you can end up with a different IP address the next time you reboot the router.