SSH to one address, different ports, different hosts
Ben Scott
dragonhawk at gmail.com
Sun Mar 11 11:59:54 EDT 2007
Hello, world.

So anyway, I finally got around to installing the OpenWRT firmware
on my LinkSys WRT54G box today (a remarkably easy and painless
process, BTW). I set up SSH on said box to listen on a non-standard
port and opened the firewall to that. This lets me SSH directly into
the router -- useful to try and figure out why my "real computer" is
not responding when I attempt to SSH into *it*.

So I now have two completely different boxes (LinkSys WRT54G, and my
Dell PC) appearing to the world on a single IP address. The problem
is, when I use OpenSSH's "ssh" to connect to the second box, it
screams bloody murder that the host key has changed and refuses to
connect. Partial extract:

    WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED!
    Host key verification failed.

That is, of course, by design. The normal assumption is one-to-one
between IP addresses and hosts. So a different host key from the same
IP address is normally a Bad Thing. But in this case, the first
assumption is invalid -- I have multiple hosts at one IP address.

Ideally, there would be some way to make ssh identify hosts not just
by IP address, but by IP-address:port combinations. I didn't see one.

For now, I've written two stanzas in my $HOME/.ssh/config file, one
for each box, and used the "UserKnownHosts" directive to assign
different known_hosts files to each. So "ssh homegw" uses
"$HOME/.ssh/homegw.known_hosts" and "ssh blackfire" uses
"$HOME/.ssh/blackfire.known_hosts", and everything else uses the
default.

Anyone else have thoughts or ideas to offer?

-- Ben
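
The two-stanza setup described in the message, written out as an added example that is not part of the original post or the poster's actual file. OpenSSH spells the directive UserKnownHostsFile; the HostName and Port values are constructed placeholders, and the HostKeyAlias and CheckHostIP lines are additions beyond what the message describes.

```sshconfig
# Added example. home.example.net and port 2222 are constructed placeholders
# for the single public address and the router's non-standard SSH port.

# LinkSys WRT54G running OpenWRT, SSH listening on a non-standard port
Host homegw
    HostName home.example.net
    Port 2222
    # Separate host key database for this box, as the message describes
    UserKnownHostsFile ~/.ssh/homegw.known_hosts
    # Addition: record and look up the key under this name
    # instead of the shared host name
    HostKeyAlias homegw
    # Addition: skip the extra lookup keyed on the shared IP address
    CheckHostIP no

# Dell PC behind the same address (default SSH port is an assumption)
Host blackfire
    HostName home.example.net
    Port 22
    UserKnownHostsFile ~/.ssh/blackfire.known_hosts
    HostKeyAlias blackfire
    CheckHostIP no

# Hosts that match neither stanza keep using the default known_hosts file.
```

Host key verification stays enabled for both boxes: each name is pinned to its own key, so a key change on either one still produces the warning.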