PHWinfo - Afficher un message

07/11/2006, 09h27

Dear All,

The system administrator at my workplace here has done something that gave
me a great deal of mess every time I try to SSH login from Linux.

He has made some kind of port forwarding on a gateway host to protect some
internal hosts behind. To SSH access the various hosts behind, I am asked
to SSH to the gateway host, and a set of ports have been set aside which
map to port 22 for each server behind.

I think you can guess what the problem is. Due to different keys of each
host, every time I need to connect to another host through another port I
always need to go to known_hosts on my desktop machine to remove the line
corresponding to the gateway host, otherwise there will be a key mismatch
error preventing me from logging in further.

I think there ought to be better ways to handle this, but as a software
developer instead of an admin I am not aware if better methods exist. Or,
can we simply prevent the SSH client from writing to known_hosts?

The machines (desktop and servers) are all Linux machines and are all
using openssh. I'm pretty sure somebody may have experienced this in
the past, but I can find nothing useful on the Web. Thank you.

Regards,
Bernard Chan.

--
Posted via a free Usenet account from http://www.teranews.com

07/11/2006, 09h27	#1
Bernard Chan Messages: n/a Hébergeur:	Don't write to known_hosts Dear All, The system administrator at my workplace here has done something that gave me a great deal of mess every time I try to SSH login from Linux. He has made some kind of port forwarding on a gateway host to protect some internal hosts behind. To SSH access the various hosts behind, I am asked to SSH to the gateway host, and a set of ports have been set aside which map to port 22 for each server behind. I think you can guess what the problem is. Due to different keys of each host, every time I need to connect to another host through another port I always need to go to known_hosts on my desktop machine to remove the line corresponding to the gateway host, otherwise there will be a key mismatch error preventing me from logging in further. I think there ought to be better ways to handle this, but as a software developer instead of an admin I am not aware if better methods exist. Or, can we simply prevent the SSH client from writing to known_hosts? The machines (desktop and servers) are all Linux machines and are all using openssh. I'm pretty sure somebody may have experienced this in the past, but I can find nothing useful on the Web. Thank you. Regards, Bernard Chan. -- Posted via a free Usenet account from http://www.teranews.com