<br><br><div class="gmail_quote">On Sat, Dec 1, 2012 at 5:59 PM, Lisa Kachold <span dir="ltr"><<a href="mailto:lisakachold@obnosis.com" target="_blank">lisakachold@obnosis.com</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
Hi Larry,<div class="gmail_extra"><br><br><div class="gmail_quote"><div class="im">On Fri, Nov 30, 2012 at 8:56 PM, Dazed_75 <span dir="ltr"><<a href="mailto:lthielster@gmail.com" target="_blank">lthielster@gmail.com</a>></span> wrote:<br>
<blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left-width:1px;border-left-color:rgb(204,204,204);border-left-style:solid;padding-left:1ex"><br><br><div class="gmail_quote"><div>On Fri, Nov 30, 2012 at 5:29 PM, der.hans <span dir="ltr"><<a href="mailto:PLUGd@lufthans.com" target="_blank">PLUGd@lufthans.com</a>></span> wrote:<br>
<blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left-width:1px;border-left-color:rgb(204,204,204);border-left-style:solid;padding-left:1ex">
Am 30. Nov, 2012 schwätzte Dazed_75 so:<br>
<br>
moin moin,<div><br>
<br>
<blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left-width:1px;border-left-color:rgb(204,204,204);border-left-style:solid;padding-left:1ex">
Interesting. I deleted entry 8 and then ssh'd to lapdog0 with no<br>
complaint. Logged out, rebooted that machine to Mint and then ssh'd into<br>
lapdog1 and that complained about then new entry 23 for lapdog0.<br>
</blockquote>
<br></div>
Yeah, line 8 was probably your old entry for lapdog2.</blockquote></div><div><br>Yes, I said so in the first post. <br></div><div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left-width:1px;border-left-color:rgb(204,204,204);border-left-style:solid;padding-left:1ex">
<div><br>
<br>
<blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left-width:1px;border-left-color:rgb(204,204,204);border-left-style:solid;padding-left:1ex">
It appears that ssh will make an entry in known_hosts for each IP and<br>
something (host name, kernel, tennis ball) combination, but only complains<br>
about the 1st mis-match it finds. Whatever the "something" is is not clear<br>
as I got no complaint after deleting entry 8 (from the lapdog2 days) and<br>
sshing in to lapdog0. Puzzling.<br>
</blockquote>
<br></div>
It tracks hostname and IP combinations and warns you if the IP has another<br>
entry. Presuming both lapdog0 and lapdog1 are properly in known_hosts I'd<br>
think the warning would go away.<br></blockquote></div><div><br>no, it does not. I did describe the circumstances though I tend to use more words than many folks do. As I said, since both lapdog0 and lapdog1 are the same machine (with the same mac address) just booted into different OSes they both get the same IP from DHCP. That seems to land two entries for the same IP in known_hosts and that seems to make ssh complain.<br>
</div><div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left-width:1px;border-left-color:rgb(204,204,204);border-left-style:solid;padding-left:1ex">
<br>
Does ssh -v explain it?<br></blockquote></div><div><br>I did not think to try that and it is too late as I am re-installing that machine to test out a couple of things.<br><br>Thanks for the feedback guys! <br></div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left-width:1px;border-left-color:rgb(204,204,204);border-left-style:solid;padding-left:1ex">
<div>
<br>
ciao,<br>
<br>
der.hans<span><font color="#888888"><br>
-- <br></font></span></div></blockquote></div></blockquote><div><br></div></div><div>Sorry this is so late. </div><div><br></div><div>But you can do any of the following:</div><div><br></div><div>a) Clone the connection for both machines:</div>
</div></div></blockquote><div><br></div><div>As I said in the first post, lapdog0 and lapdog1 are the same machine just using different hostnames depending on which Linux is running. Therefore, they "both" have the same mac address by definition.</div>
<div><br></div><div>I did think of copying the public and private parts of the key from one to the other but don't know enough to know if that might cause another problem. </div><div><br></div><div>BTW, I re-installed (to be totally sure of the starting point) them again with both being named lapdog2 and it made no difference.</div>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div class="gmail_extra"><div class="gmail_quote">
<div><br></div><div>1) Use the same key for both machines.</div><div><br></div><div>ssh-keygen then copy that key to your second machine.</div><div><br></div><div>2) set your MAC address as the same number in your network device configuration.</div>
<div><br></div><div><br></div><div>B) Disable Strict Error Checking</div><div><br></div><div>Turn off strict error checking in /etc/ssh/sshd_config on both machines.</div></div></div></blockquote><div><br></div><div>The error is showing as being due to strict error checking. But I would hesitate to turn it off other than temporarily not to mention that I don't know how. Finding out would be easy, it's just not a priority. </div>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div class="gmail_extra"><div class="gmail_quote"><div><br></div><div>While this can be a ssh security risk and therefore not indicated on most networks for which you are maintaining this solution, but if you have buttoned down your network and actually read your logs, it should be safe, alternately you can also seru==dd </div>
<div><br></div><div><a href="http://en.wikipedia.org/wiki/Port_knocking" target="_blank">http://en.wikipedia.org/wiki/Port_knocking</a><br></div><div class="im"><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left-width:1px;border-left-color:rgb(204,204,204);border-left-style:solid;padding-left:1ex">
<div class="gmail_quote"><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left-width:1px;border-left-color:rgb(204,204,204);border-left-style:solid;padding-left:1ex"><div><span><font color="#888888"></font></span></div>
</blockquote></div><div><div><br>-- <br>Dazed_75 a.k.a. Larry<br>
<br>Please protect my address like I protect yours. When sending messages to multiple recipients, use the BCC:
(Blind carbon copy). Remove addresses from a forwarded message body before clicking Send. <br><br>
</div></div><br>---------------------------------------------------<br>
PLUG-discuss mailing list - <a href="mailto:PLUG-discuss@lists.phxlinux.org" target="_blank">PLUG-discuss@lists.phxlinux.org</a><br>
To subscribe, unsubscribe, or to change your mail settings:<br>
<a href="http://lists.phxlinux.org/mailman/listinfo/plug-discuss" target="_blank">http://lists.phxlinux.org/mailman/listinfo/plug-discuss</a><br></blockquote></div></div><span class="HOEnZb"><font color="#888888"><br><br clear="all">
<div><br></div>-- <br><div><img><br>
</div><div><br></div><a href="tel:%28503%29%20754-4452" value="+15037544452" target="_blank">(503) 754-4452</a> Android<br><a href="tel:%28623%29%20239-3392" value="+16232393392" target="_blank">(623) 239-3392</a> Skype<br>
<a href="tel:%28623%29%20688-3392" value="+16236883392" target="_blank">(623) 688-3392</a> Google Voice<br>**<br><a href="http://it-clowns.com" target="_blank">it-clowns.com</a> <br>Chief Clown<br><br><br><br><br><br><br>
<br><br>
<br><br><br><br><br><br>
</font></span></div>
<br>---------------------------------------------------<br>
PLUG-discuss mailing list - <a href="mailto:PLUG-discuss@lists.phxlinux.org">PLUG-discuss@lists.phxlinux.org</a><br>
To subscribe, unsubscribe, or to change your mail settings:<br>
<a href="http://lists.phxlinux.org/mailman/listinfo/plug-discuss" target="_blank">http://lists.phxlinux.org/mailman/listinfo/plug-discuss</a><br></blockquote></div><br><br clear="all"><div><br></div>-- <br>Dazed_75 a.k.a. Larry<br>
<br>Please protect my address like I protect yours. When sending messages to multiple recipients, use the BCC:
(Blind carbon copy). Remove addresses from a forwarded message body before clicking Send. <br><br>