Re: ssh through NAT firewall host ID problem

To: debian-user <debian-user@lists.debian.org>
Subject: Re: ssh through NAT firewall host ID problem
From: Gregory Seidman <gss+debian@cs.brown.edu>
Date: Wed, 10 Mar 2004 10:17:02 -0500
Message-id: <[🔎] 20040310151701.GB12048@cs.brown.edu>
Mail-followup-to: debian-user <debian-user@lists.debian.org>
Reply-to: gss+debian@cs.brown.edu
In-reply-to: <[🔎] 20040310100208.GA18830@luna.mooo.com>
References: <[🔎] 20040310100208.GA18830@luna.mooo.com>

On Wed, Mar 10, 2004 at 12:02:08PM +0200, Micha Feigin wrote:
} I have two computers at home running sshd which I can get to through my
} firewall using NAT on two different ports.
} The problem is that when connecting from the remote host to the
} different servers I start getting errors about wrong rsa key and it
} won't connect until I delete the known_hosts file.
} 
} How can I bypass this?

This is a common complaint, and has been discussed on the OpenSSH
mailing list. It seems to be seriously low priority to them. The
solution I use is to copy sshd host keys in /etc/ssh (/etc/ssh/*_key*)
from one machine to the other(s) so that they all have the same host
keys. Remember to restart sshd (/etc/init.d/ssh restart) after copying.

You'll have to remove the old entries from known_hosts, but it should be
happy from then on.

--Greg

Reply to:

Follow-Ups:
- Re: ssh through NAT firewall host ID problem
  - From: Colin Watson <cjwatson@debian.org>

References:
- ssh through NAT firewall host ID problem
  - From: Micha Feigin <michf@post.tau.ac.il>

Prev by Date: Subscribe
Next by Date: Radeon 9200SE and DVI-Out?
Previous by thread: Re: ssh through NAT firewall host ID problem
Next by thread: Re: ssh through NAT firewall host ID problem
Index(es):
- Date
- Thread