SFTP Timeouts and SSH Login Delays in Aria Suite Lifecycle Following Upgrades
search cancel

SFTP Timeouts and SSH Login Delays in Aria Suite Lifecycle Following Upgrades

book

Article ID: 438480

calendar_today

Updated On:

Products

VCF Operations/Automation (formerly VMware Aria Suite)

Issue/Introduction

After an upgrade or patch application (such as VMware Identity Manager), users observe the following behavior on the Aria Suite Lifecycle (vRSLCM) appliance:

  • SSH Login Lag: A delay of 60 seconds or more occurs after entering a password before the command prompt appears.
  • SFTP Timeouts: SFTP clients (e.g., FileZilla, WinSCP) fail to connect or time out during the initial handshake, preventing the upload of OVA files or binaries.
  • Upgrade Blockers: The inability to upload files prevents further patching or upgrades of Aria Suite components.

Environment

Aria Automation 8.18.0

Cause

The issue is caused by DNS reverse lookup timeouts. By default, the SSH daemon (sshd) attempts to resolve the hostname of the client machine connecting to it. If the DNS server is slow to respond or the reverse lookup zone is not configured, the session establishment hangs until the SSH timeout is reached. This delay exceeds the default timeout window for most SFTP clients, causing the connection to fail.

Resolution

To bypass the DNS timeout and restore immediate SFTP access, disable the UseDNS feature in the appliance SSH configuration.

1. Update SSH Configuration

  1. Log in to the Aria Suite Lifecycle appliance as root via SSH. (Note: You may need to wait for the initial 60-second timeout to get the prompt).
  2. Open the configuration file using a text editor:
    vi /etc/ssh/sshd_config
  3. Search for the line UseDNS. If it is commented out or set to yes, change it to:
    UseDNS no
  4. To ensure the connection remains stable during large file transfers, verify or add the following keep-alive settings in the same file:
    ClientAliveInterval 300
ClientAliveCountMax 3
  5. Save the changes and exit (:wq).

2. Restart the SSH Service

Apply the changes by restarting the service:

systemctl restart sshd

3. Verification

  • Open a new SSH session. The login should now be instantaneous.
  • Reconnect via SFTP; the client should now successfully handshake and allow file uploads.

Workaround

If the file transfer is still unsuccessful via SFTP clients, use Secure Copy (SCP) from the command line of your local machine to push the file directly to the appliance:

scp /path/to/binary.ova root@[IP_ADDRESS]:/data/
Powered by Wolken Software