Re: ssh through NAT firewall host ID problem
On Wednesday 10 March 2004 08:23 am, Colin Watson wrote:
> On Wed, Mar 10, 2004 at 10:17:02AM -0500, Gregory Seidman wrote:
> > On Wed, Mar 10, 2004 at 12:02:08PM +0200, Micha Feigin wrote:
> > } I have two computers at home running sshd which I can get to through my
> > } firewall using NAT on two different ports.
> > } The problem is that when connecting from the remote host to the
> > } different servers I start getting errors about wrong rsa key and it
> > } won't connect until I delete the known_hosts file.
> > }
> > } How can I bypass this?
> >
> > This is a common complaint, and has been discussed on the OpenSSH
> > mailing list. It seems to be seriously low priority to them.
>
> As I understand it, it's difficult because the known_hosts format would
> need to be changed.
Couldn't ssh just use the specified host name instead of the resolved
hostname? I could set up my .ssh/config:
host machineA
Hostname firewall
Port 1234
host machineB
Hostname firewall
Port 1235
Seems like an easy fix, and wouldn't affect non-aliased entries in
known hosts. The first connection to aliased machines would be
flagged, but that's no big deal.
--
Rob (who is suffering the same issues)
Reply to: