Well, at least the login part. For some (very) weird reason, some distros think that everyone is part of some huge, corporate environment -- thus making Kerberos and GSSAPI logins the default methods.
Is there a problem with that ? Well, not directly - you only need to wait until SSH can understand that login just ain't gonna happen that way, and fallback to the good' old username/password asking. The real problem is that it can...take...AGES! It took about 2 mins in my case ( considering I SSH to some machines every few minutes... ), and it just drove me crazy.
On to the sweet part:
open up your SSH configuration file. That should be in /etc/ssh/ssh_config
Add a # character in front of any line that starts with Kerberos or GSSAPI. Some known culprits are the lines
GSSAPIAuthentication yes KerberosAuthentication yes
of course, you can just change the 'yes' part to 'no' instead of commenting them out, but I'll leave that up to you.
For a further boost ( min 5 seconds boost ) you can specify the following to your SSH server daemon:
in /etc/ssh/sshd_config , find the line UseDNS and make sure it's set to "no". If such a line does not exists, append it!
UseDNS no
Save it, restart SSH, and enjoy :)