
Re: SSH: remote login returns "invalid user"



On 12/09/10 02:49, brownh wrote:

All this is new to me, and I'll not be able to implement anything like
that before I must shortly leave.

But the whole situation strikes me as odd. Surely innumerable people
rely on a web hosting service to provide email services as well, and
yet it would seem none of them can use ssh to access a home or office
machine remotely without going through extraordinary gymnastics
regarding their IP address. An obvious step would be for me to find
out what my hosting service has to say. If I get a simple answer, I'll
report it back to this thread.

It may be too late now, but it seems to me you are missing some basics.

I "own" the domain name hartley-consultants.com and I can control it from a control panel on my domain registrar's site. You presumably own "historicalMaterialism.info" in a similar fashion.

I can give my domain an ip-address, and I can also give subdomains such as www.hartley-consultants.com and mail.hartley-consultants.com

If you look up these two names with any one of several commands - such as...

host www.hartley-consultants.com and

host mail.hartley-consultants.com

you will see they have completely different ip addresses. So I could ssh to www.hartley-consultants.com and arrive at one machine or ssh to mail.hartley-consultants.com and arrive at another. This seems to be one of the fundamental issues that you are puzzling over. If I ssh to www.hartley-consultants.com I know I will get to where my web server is, if I ssh to mail.hartley-consultants.com I should get to where my mail is sent.

Funnily, as it happens mail.hartley-consultants.com is wrong - I sit on my ISP in a dynamic block and every so often he gives me a new IP address (normally I am running 24/7 and the ip address doesn't change at all, but every so often, either I screw up my end and ask for a new address (normal rebooting just gets the same one over and over again), or he re-arranges things and it changes).

But it is funny also because I also happen to want to tell hartley-consultants.com to send mail to this address, and until now I hadn't noticed it was wrong, because I am actually sending my mail request to another one of my domains chandlerfamily.org.uk and it's all been handled fine (ie I have a registrar entry that says that mail for hartley-consultants is being handled by home.chandlerfamily.org.uk). This is how your mail to your domain can end up at your ISP's mail server - which I think is what you implied.

Inside my home network I have a number of machines on a lan. I have happened to have chosen not to call those some subdomain of chandlerfamily.org.uk (although at one point in the past I have done it that way, and called one of my machines kanga.chandlerfamily.org.uk, and gave it an ip-address 192.168.0.12).

Now, as has been mentioned above, NAT is a technique to allow a single ip address to support several machines to make OUTGOING connections. So kanga.chandlerfamily.org.uk can make outgoing connections through my router. The router does this by remaking the connection to come from itself (with the external ip address - in my case home.chandlerfamily.org.uk) and remembers where the reply has to go - ie back to 192.168.0.12.

The problem comes when you want to make INCOMING connections to kanga.chandlerfamily.org.uk. The program trying to make that connection looks it up and gets 192.168.0.12 and it doesn't know where to send this to (it's unroutable). Instead, I would ssh to home.chandlerfamily.org.uk and (if it was a router rather than the Linux box that it is) I would forward the port to 192.168.0.12 - this is known as reverse NAT. But I can only set the router to do it to one of my machines per port. In this case I would use port 22 and forward it on.

If you have those basics I hope you can figure out what to do. I am going to be out of touch from the internet for a while, so I won't be able to follow up, but I am sure others can help you further with this base.


--
Alan Chandler
http://www.chandlerfamily.org.uk
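
Added example, not part of the original message: a toy Python model of the NAT behaviour described above, showing why replies to outgoing connections reach 192.168.0.12, why an unsolicited incoming ssh connection is dropped until port 22 is forwarded, and why a port can be forwarded to only one machine. The NatRouter class, the external address 203.0.113.10 and the remote addresses are constructed for illustration.

```python
# Toy model of a home NAT router (constructed addresses; not real router code).
import itertools

class NatRouter:
    def __init__(self, external_ip):
        self.external_ip = external_ip
        self.conntrack = {}   # external port -> (lan_ip, lan_port, remote) for outgoing flows
        self.forwards = {}    # external port -> (lan_ip, lan_port) static port forwards
        self._ports = itertools.count(40000)  # pool of external source ports

    def outgoing(self, lan_ip, lan_port, remote):
        """Rewrite an outgoing connection to come from the router; remember the reply path."""
        ext_port = next(self._ports)
        self.conntrack[ext_port] = (lan_ip, lan_port, remote)
        return (self.external_ip, ext_port)

    def add_forward(self, ext_port, lan_ip, lan_port):
        """Port forward: only one LAN machine can own a given external port."""
        if ext_port in self.forwards:
            raise ValueError(f"port {ext_port} already forwarded to {self.forwards[ext_port][0]}")
        self.forwards[ext_port] = (lan_ip, lan_port)

    def incoming(self, remote, ext_port):
        """Return the LAN (ip, port) that receives a packet on ext_port, or None if dropped."""
        entry = self.conntrack.get(ext_port)
        if entry and entry[2] == remote:      # reply to a flow a LAN machine started
            return entry[:2]
        return self.forwards.get(ext_port)    # unsolicited: needs a forward rule

def demo():
    router = NatRouter("203.0.113.10")        # constructed external address
    kanga = "192.168.0.12"                    # LAN address from the message
    web = ("198.51.100.7", 80)                # constructed remote web server
    ssh_client = ("198.51.100.99", 40111)     # constructed remote ssh client
    results = {}
    src = router.outgoing(kanga, 51000, web)
    results["reply"] = router.incoming(web, src[1])
    results["ssh_before"] = router.incoming(ssh_client, 22)
    router.add_forward(22, kanga, 22)
    results["ssh_after"] = router.incoming(ssh_client, 22)
    try:
        router.add_forward(22, "192.168.0.13", 22)   # second machine, same port
        results["second_forward"] = "accepted"
    except ValueError:
        results["second_forward"] = "rejected"
    return results

if __name__ == "__main__":
    for name, value in demo().items():
        print(name, "->", value)
```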
