Hi,
I have the following unusual setup:
F is a firewall host. Its external Interface has IP 172.16.20.4, and
the internal Interface ist 192.168.215.1.
A and B are internal hosts with IPs 192.168.215.31 and 192.168.215.71.
F's port 10022 is transparently forwarded to A's port 22;
F's port 20022 is transparently forwarded to B's port 22.
So, connecting to 172.16.20.4:10022 gives an ssh connection to A;
connecting to 172.16.20.4:20022 gives an ssh connection to B.
Obviously, the ssh client can't cope with that since it complains
about the different host keys.
Wouldn't it be a good idea to have the client cache IP:port to
known_hosts instead of the IP only? That way, it would also be
possible to run differently configured ssh daemons on a single box.
Or am I missing something and there are reasons to handle IPs instead
of IP:port pairs?
Greetings
Marc
--
-------------------------------------- !! No courtesy copies, please !! -----
Marc Haber | " Questions are the | Mailadresse im Header
Karlsruhe, Germany | Beginning of Wisdom " | Fon: *49 721 966 32 15
Nordisch by Nature | Lt. Worf, TNG "Rightful Heir" | Fax: *49 721 966 31 29
I have the following unusual setup:
F is a firewall host. Its external Interface has IP 172.16.20.4, and
the internal Interface ist 192.168.215.1.
A and B are internal hosts with IPs 192.168.215.31 and 192.168.215.71.
F's port 10022 is transparently forwarded to A's port 22;
F's port 20022 is transparently forwarded to B's port 22.
So, connecting to 172.16.20.4:10022 gives an ssh connection to A;
connecting to 172.16.20.4:20022 gives an ssh connection to B.
Obviously, the ssh client can't cope with that since it complains
about the different host keys.
Wouldn't it be a good idea to have the client cache IP:port to
known_hosts instead of the IP only? That way, it would also be
possible to run differently configured ssh daemons on a single box.
Or am I missing something and there are reasons to handle IPs instead
of IP:port pairs?
Greetings
Marc
--
-------------------------------------- !! No courtesy copies, please !! -----
Marc Haber | " Questions are the | Mailadresse im Header
Karlsruhe, Germany | Beginning of Wisdom " | Fon: *49 721 966 32 15
Nordisch by Nature | Lt. Worf, TNG "Rightful Heir" | Fax: *49 721 966 31 29