Ssh fails to resolve host after update to 33

mdborland · November 26, 2020, 5:54pm

I updated from Fedora 32 to 33 yesterday. However, I can’t get ssh to work as before. All ssh attempts stall with a message like
resolving hostname port portNumber
If I wait for several minutes, the hostname will eventually be resolved. If I repeat the ssh command, the wait starts over.

Internet speed is very high as measured with the Google speed test in chrome.
Also, if I use dig, the hostname is resolved instantly. It is only when using ssh that the hostname resolution takes minutes.

I tried a few things that didn’t help:

Use only 8.8.8.8 and 4.4.4.4 for DNS lookup
Emptied out my known_hosts file
Reverted to F32 crypto using update-crypto-policies

Any help is appreciated.

Thanks–Michael

mdborland · November 26, 2020, 5:55pm

Also, if I use the numerical IP address obtained from dig, the ssh connection is made without delay.

vgaetera · November 26, 2020, 7:28pm

Post the output:

grep -e ^hosts: /etc/nsswitch.conf; \
grep -v -e ^# -e ^$ /etc/resolv.conf; \
resolvectl --no-pager status; \
resolvectl query SSH_HOST

mdborland · November 26, 2020, 8:01pm

hosts: files mdns4_minimal [NOTFOUND=return] resolve [!UNAVAIL=return] myhostname dns
nameserver 127.0.0.53
options edns0 trust-ad
Global
LLMNR setting: resolve
MulticastDNS setting: no
DNSOverTLS setting: no
DNSSEC setting: no
DNSSEC supported: no
Fallback DNS Servers: 1.1.1.1
8.8.8.8
1.0.0.1
8.8.4.4
2606:4700:4700::1111
2001:4860:4860::8888
2606:4700:4700::1001
2001:4860:4860::8844

Link 2 (eno1)
Current Scopes: DNS LLMNR/IPv4 LLMNR/IPv6
DefaultRoute setting: yes
LLMNR setting: yes
MulticastDNS setting: no
DNSOverTLS setting: no
DNSSEC setting: no
DNSSEC supported: no
Current DNS Server: 192.168.1.1
DNS Servers: 192.168.1.1
DNS Domain: ~.
SSH_HOST: resolve call failed: ‘SSH_HOST’ not found

mdborland · November 26, 2020, 8:23pm

I tried
resolvectl dns eno1 8.8.8.8 4.4.4.4

This resolves (pun intended) the problem with ssh response, but when I reboot it reverts to using 192.168.1.1 (my wifi router) for DNS.

Is there a way to make the change permanent?

vgaetera · November 26, 2020, 8:36pm

Use this method:
https://discussion.fedoraproject.org/t/fedora-33-dns-firefox-and-chrome/69424/2?u=vgaetera

mdborland · November 26, 2020, 8:53pm

Thanks! That worked. More specifically, all I had to do was
nmcli connection modify id CONNECTION_NAME ipv4.ignore-auto-dns yes ipv6.ignore-auto-dns yes

In my case, CONNECTION_NAME was “Wired connection 1”.

system · December 24, 2020, 8:53pm

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.