right, i kinda did the same thing.  in /etc/hosts i made two different aliases 
to the same ip address (i.e. my gateway).
ex:
66.55.44.33   compA
66.55.44.33   compB

ssh -p 22 compA
ssh -p 222 compB

this works, there will be separate keys in known_hosts for compA and compB, 
but ssh will store the key for ip address 66.55.44.33 with host compA 
(because it was created first).

for example, after running those two ssh commands, your known_hosts file will 
look like this:
compA,66.55.44.33 ssh-rsa <long ass string here>
compB ssh-rsa <long ass string here>

notice that the ip address is stored with compA.  ssh notices this also and 
when you try to connect to compB, ssh will issue a warning...no big deal, i 
can live with that (although if anyone knows a way to turn it off, i'd 
appreciate the info).

christopher

On Wednesday 06 November 2002 01:03 pm, Ward William E DLDN wrote:
> > -----Original Message-----
> > From: Paul Campbell [mailto:seapwc@;halcyon.com]
> > Sent: Wednesday, November 06, 2002 12:59 PM
> > To: [EMAIL PROTECTED]
> > Subject: Re: two puters running sshd behind a firewall
> >
> >
> > look for a .ssh directory in your $HOME directory.
> > It has a known_hosts file.
> > I do rm -rf .ssh
>
> Which is not the solution; this will be recreated when
> he logs in, and he'll still be stuck with only connecting
> to one of the machines.
>
> > At 08:50 AM 11/6/02, you wrote:
> > >ok,
> > >i got computer A running sshd listening for connections on port a, i got
> > >computer B running sshd listening for connections on port b.  both are behind
> > >a hardware firewall that forwards stuff on port a to computer A and stuff on
> > >port b to computer B.  the hardware firewall is also my gateway.  lets call
> > >my ip address X.
> > >
> > >now the problem is sshing from a single machine to both computers A and B.
> > >consider sshing to computer A:
> > >ssh -p a X
> > >yes to creating a key in known_hosts for ip address X
> > >now if i issue the following command to get into computer B:
> > >ssh -p b X
> > >ssh bombs out with a failure message about the RSA host key has changed.
> > >obviously cuz computers A and B are different machines, but known_hosts has
> > >one key entry for both of them (cuz they share the same ip address).
> > >
> > >what can i do about this?  i don't like having to delete stuff outta
> > >known_hosts every time i wanna ssh into a different one of my home computers.
>
> The proper answer is to have two different FQDNs pointing to the
> same IP, such as foo.bar.com and fee.bar.com which both alias
> to fie.bar.com (I.E., your router).
>
> An example of this is to assume the following: suppose you use
> Dyndns.org to get yourself a static hostname for a dynamic (but it
> doesn't HAVE to be) IP.  You can create two entries, myhome1.dyndns.org
> and myhome2.dyndns.org (or, in my case, Ratbert.something.dnsalias.org,
> Dilbert.something.dnsalias.org and Dogbert.something.dnsalias.org,
> for the three machines I do this to, with something being my own
> unique domain name).  Let's say I have (in my case) Ratbert on port
> 22, Dogbert on port 222, and Dilbert on port 223.
>
> I can then do
> ssh ratbert.something.dnsalias.org
> or
> ssh -p 222 dogbert.something.dnsalias.org
> or
> ssh -p 223 dilbert.something.dnsalias.org
>
> and each one has its OWN entry into my local machine's .ssh keyring.
>
> Bill Ward



-- 
redhat-list mailing list
unsubscribe mailto:redhat-list-request@;redhat.com?subject=unsubscribe
https://listman.redhat.com/mailman/listinfo/redhat-list
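
A simplified model of the known_hosts lookup discussed in this thread, added here as an illustration and not code from any poster or from OpenSSH: it shows why connecting by bare IP fails, why the compB alias only produces a warning, and what changes when the address cross-check (the client's CheckHostIP option) is turned off. The function names and key strings are constructed for the example, and it assumes plain, unhashed entries without [host]:port names.

```python
# Simplified model of how an ssh client consults known_hosts (not OpenSSH source).
# Assumes plain, unhashed entries and no [host]:port names, as in the thread.

def parse_known_hosts(text):
    """Map every name or address on each line to that line's (keytype, key)."""
    table = {}
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        names, keytype, key = line.split()[:3]
        for name in names.split(","):
            table.setdefault(name, (keytype, key))
    return table

def check(table, name, ip, offered, check_host_ip=True):
    """Return 'new', 'changed', 'ip-mismatch' or 'ok' for an offered host key.

    check_host_ip models the CheckHostIP client option.
    """
    known = table.get(name)
    if known is None:
        return "new"              # client asks whether to trust the key
    if known != offered:
        return "changed"          # client refuses: host key has changed
    if check_host_ip and name != ip:
        ip_key = table.get(ip)
        if ip_key is not None and ip_key != offered:
            return "ip-mismatch"  # client warns: key differs from the IP's key
    return "ok"

# Constructed sample data: placeholder keys, file layout as shown in the post.
KEY_A = ("ssh-rsa", "AAAA_constructed_key_for_compA")
KEY_B = ("ssh-rsa", "AAAA_constructed_key_for_compB")
KNOWN_HOSTS = """\
compA,66.55.44.33 ssh-rsa AAAA_constructed_key_for_compA
compB ssh-rsa AAAA_constructed_key_for_compB
"""
IP = "66.55.44.33"

def demo():
    t = parse_known_hosts(KNOWN_HOSTS)
    return {
        "compA": check(t, "compA", IP, KEY_A),
        "compB": check(t, "compB", IP, KEY_B),
        "compB, CheckHostIP off": check(t, "compB", IP, KEY_B, check_host_ip=False),
        "bare IP to B": check(t, IP, IP, KEY_B),
    }
```

With the IP check off, the per-alias key is still verified, but the client no longer notices when an alias starts resolving to an address whose recorded key is different.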
