Re: ssh-ing in inside private network
On Thursday 31 March 2016 15:08:24 Brian wrote:
> On Thu 31 Mar 2016 at 13:27:35 +0100, Lisi Reisz wrote:
> > On Thursday 31 March 2016 12:28:57 tomas@tuxteam.de wrote:
> > > 1. Each computer should have an SSH server running (on Debian that
> > > would be package openssh-server: in Debian it has priority "optional":
> > > I'd double-check that it's installed)
> >
> > It is installed. How do I check that it is running?
>
> Use 'ssh user@somewhere'. 'Connection refused' is a good indication
> there is no ssh server on port 22.
>
> > Previously (under Wheezy) using Fish, I have been getting the first part
> > of the message and asked if I want to accept the new identification.
> > Fish presumably then edited the file. So I need static IPs fast! or a
> > hosts file? I have some learning to do. Static IPs I have no problem
> > over, I just
>
> The IP and host in /etc/hosts is fine. Alternatively, with avahi-daemon
> on the machines you would do 'ssh someone@eros.local'. Use with static
> or dynamic IPs and not have the bother of maintaining a hosts file.
Right, I am making (slow) progress. My next question is at the end after my
progress report.
Here is how far I have got:
I tried and failed to edit ~/.ssh/known_hosts because it was encrypted. So I
googled, and set it in ssh_conf to unencrypted. It remained encrypted, of
course, so I did the following:
---------------------------------
lisi@Tux-II:~/.ssh$ ls
known_hosts
lisi@Tux-II:~/.ssh$ mv known_hosts known_hosts.old
lisi@Tux-II:~/.ssh$ ls
known_hosts.old
lisi@Tux-II:~/.ssh$ ssh peter@192.168.0.3
The authenticity of host '192.168.0.3 (192.168.0.3)' can't be established.
ECDSA key fingerprint is 08:3b:5d:cd:fd:cf:1c:c2:22:e2:09:85:51:cb:7e:01.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '192.168.0.3' (ECDSA) to the list of known hosts.
peter@192.168.0.3's password:
[snip]
peter@Nyx-II:~$ su
Password:
[snip successful update/upgrade via ssh]
root@Nyx-II:/home/peter# exit
exit
peter@Nyx-II:~$ ~
-bash: /home/peter: Is a directory
peter@Nyx-II:~$ logout
Connection to 192.168.0.3 closed.
lisi@Tux-II:~/.ssh$ ssh peter@Nyx-II
ssh: Could not resolve hostname Nyx-II: Name or service not known
lisi@Tux-II:~/.ssh$ cat known_hosts
192.168.0.3 ecdsa-sha2-nistp256
AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBPtZCRJi2qUfVbHC2xSJbDbnLDnxNIAc9gIQkhmT1MDtsWKqfKeAAp9zWhXP+ZN7E57tCqERtJM4UktWMnxnpY4=
lisi@Tux-II:~/.ssh$ ssh peter@192.168.0.4
<note: Eros this time. It was Nyx-II before>
The authenticity of host '192.168.0.4 (192.168.0.4)' can't be established.
ECDSA key fingerprint is d9:2e:38:29:07:f8:8a:6d:4b:dd:28:60:ad:c9:e5:a3.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '192.168.0.4' (ECDSA) to the list of known hosts.
peter@192.168.0.4's password:
The programs included with the Debian GNU/Linux system are free software;
the exact distribution terms for each program are described in the
individual files in /usr/share/doc/*/copyright.
Debian GNU/Linux comes with ABSOLUTELY NO WARRANTY, to the extent
permitted by applicable law.
Last login: Wed May 25 00:04:29 2016
peter@Eros:~$ logout
Connection to 192.168.0.4 closed.
lisi@Tux-II:~/.ssh$ ssh lisi@192.168.0.5
The authenticity of host '192.168.0.5 (192.168.0.5)' can't be established.
ECDSA key fingerprint is bd:35:63:80:a8:e8:37:c5:0a:f6:05:03:3c:00:a8:f7.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '192.168.0.5' (ECDSA) to the list of known hosts.
lisi@192.168.0.5's password:
Permission denied, please try again.
lisi@192.168.0.5's password:
Connection closed by 192.168.0.5
lisi@Tux-II:~/.ssh$ ssh lisi@192.168.0.5
lisi@192.168.0.5's password:
The programs included with the Debian GNU/Linux system are free software;
the exact distribution terms for each program are described in the
individual files in /usr/share/doc/*/copyright.
Debian GNU/Linux comes with ABSOLUTELY NO WARRANTY, to the extent
permitted by applicable law.
You have new mail.
Last login: Tue May 24 14:27:14 2016
lisi@Hermes:~$ logout
Connection to 192.168.0.5 closed.
<this was to Debian on Hermes, which currently dual boots.>
--------------------------------------------------------------
<next to Ubuntu>
lisi@Tux-II:~/.ssh$ ssh root@192.168.0.5
ssh: connect to host 192.168.0.5 port 22: No route to host
lisi@Tux-II:~/.ssh$
----------------------------------------------------
So - the key changed when you change operating system. A nuisance but hardly
surprising, and easily remediable after you kind souls showed me the way.
Delete relevant line from known_hosts (now unencoded), and then:
----------------------------------------------------
lisi@Tux-II:~$ ssh lisi@192.168.0.5
The authenticity of host '192.168.0.5 (192.168.0.5)' can't be established.
ECDSA key fingerprint is 06:8b:1e:77:8d:7f:56:50:6f:13:30:d7:13:92:36:20.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '192.168.0.5' (ECDSA) to the list of known hosts.
lisi@192.168.0.5's password:
Welcome to Ubuntu 16.04 LTS (GNU/Linux 4.4.0-22-generic x86_64)
* Documentation: https://help.ubuntu.com/
0 packages can be updated.
0 updates are security updates.
The programs included with the Ubuntu system are free software;
the exact distribution terms for each program are described in the
individual files in /usr/share/doc/*/copyright.
Ubuntu comes with ABSOLUTELY NO WARRANTY, to the extent permitted by
applicable law.
To run a command as administrator (user "root"), use "sudo <command>".
See "man sudo_root" for details.
lisi@Hermes:~$ logout
Connection to 192.168.0.5 closed.
-----------------------------------------------
Now to do what I really wanted to do all along, and ssh in to run level one as
root:
lisi@Tux-II:~$ ssh root@192.168.0.5
ssh: connect to host 192.168.0.5 port 22: No route to host
lisi@Tux-II:~$ ssh lisi@192.168.0.5
-------------------------------------------------------
Help!! This was the point of the whole exercise. I want CLI only (no X
running) access to the Ubuntu installation on Hermes.
Where next?????
Thanks,
Lisi
Reply to: