Re: SSH tunnel for ssh traffic

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Mon, 17 May 2010 10:38:55 -0400
Bill Davidsen <[email protected]> wrote:

> Christoph Höger wrote:
> > Hi,
> > 
> > I need to ssh to some remote VM that sit in a private LAN. For any other
> > service (e.g. RDP) I'd use ssh tunneling just normal.
> > But what do I do for ssh traffic? Since ssh is not host agnostic, it
> > will always complain about localhost having a different RSA key.
> > I just do not want to edit the known_hosts every time I need to connecto
> > to a new machine!
> > 
> I just remembered having a similar problem and how I solved it. I added a fixed 
> IP for the machine at the end of the tunnel in /etc/hosts, and the fixed IP was 
> 127.0.0.X, which seemed to allow a unique entry in known_hosts on the 
> originating machine. Since all of 127/8 is used for loopback, I decided to use 
> another address for the made up machine name.
> 
> You still have to edit /etc/hosts for each new machine, but once and only once 
> per machine.
> 

Alternative:

~/.ssh/config
	CheckHostIP
		   If this flag is set to ``yes'', ssh(1) will additionally check
		   the host IP address in the known_hosts file.  This allows ssh to
		   detect if a host key changed due to DNS spoofing.  If the option
		   is set to ``no'', the check will not be executed.  The default is
		   ``yes''.

BR, Bob
-- 
users mailing list
[email protected]
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines


[Index of Archives]     [Current Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Yosemite News]     [Yosemite Photos]     [KDE Users]     [Fedora Tools]     [Fedora Docs]

  Powered by Linux