Re: ssh question

Top Page
Attachments:
Message as email
+ (text/plain)
+ (text/html)
+ (text/plain)
Delete this message
Reply to this message
Author: Lisa Kachold
Date:  
To: Main PLUG discussion list
Subject: Re: ssh question
Hi Larry,

On Fri, Jun 17, 2011 at 2:00 AM, Dazed_75 <> wrote:

> I tried to ssh from this machine to my laptop (ssh lapdog3) and find that
> ssh is somehow using an old IP instead of doing name resolution on th e name
> lapdog2 which now has a new lease on a different IP.
>


Where did you configure the name to IP address {either}:

dns
/etc/hosts


Sometimes if you are using dyndns or another dynamic dns tool, the ip does
update but it can take a few days to propigate throughout the Internet.

Check your /etc/resolv.conf file and see where you are querying for DNS.

/etc/nsswitch.conf determines if you first query files or dns (and nis which
few use still in linux). It should say files (for /etc/hosts) first then
dns.

>
> 1) How do I fix this?
>


Check to see if you have a key in $HOME/.ssh/known_hosts for your server
name or IP.

You can cache a key for either or both servername and IP.

You can turn off strict checking in /etc/ssh/sshd_conf and it won't matter
but it's a security feature so only do this for testing.

Also, please post the exact error you are getting so we can verify what the
problem is?


> 2) Why does ssh use an old, apparently, stored IP?
>


It caches a key for a known host based on strict dns/ip host checking as
part of SSH rfc. This is all part of key exchange, to waylay IP spoofing
wherein someone could do a MITM attack and pretend to be your server or your
host.

>
> --
> Dazed_75 a.k.a. Larry
>
> The spirit of resistance to government is so valuable on certain occasions,
> that I wish it always to be kept alive.
> - Thomas Jefferson
>
> ---------------------------------------------------
> PLUG-discuss mailing list -
> To subscribe, unsubscribe, or to change your mail settings:
> http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
>




--
(602) 791-8002 Android
(623) 239-3392 Skype
(623) 688-3392 Google Voice
**
HomeSmartInternational.com <http://www.homesmartinternational.com>
---------------------------------------------------
PLUG-discuss mailing list -
To subscribe, unsubscribe, or to change your mail settings:
http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss