Known hosts, multiple machines behind router - SSH

This is a discussion on Known hosts, multiple machines behind router - SSH ; Hi, I have two computers (X and Y) behind an ADSL router. I have set up port forwarding so that I can reach each of them individually from the internet. Port 22 redirects to machine X port 22 and Port ...

+ Reply to Thread
Results 1 to 2 of 2

Thread: Known hosts, multiple machines behind router

  1. Known hosts, multiple machines behind router

    Hi,

    I have two computers (X and Y) behind an ADSL router. I have set up port
    forwarding so that I can reach each of them individually from the
    internet. Port 22 redirects to machine X port 22 and Port 2222 redirects
    to machine Y port 22. Unfortunately this gives me problems with my known
    hosts file. After connecting to machine X via ssh from a given computer on
    the internet, machine X's key is added to known hosts. If I now try to
    connect to machine Y, I get n error message stating that the key has
    changed etc. I need to remove a line in my known hosts file to make things
    work.

    Is there a way to make known hosts take the port number into account and
    thus create separate entries for machine X and machine Y?

    Thanks,

    Burnce


  2. Re: Known hosts, multiple machines behind router

    >>>>> "Burnce" == Burnce writes:

    Burnce> Hi, I have two computers (X and Y) behind an ADSL router. I
    Burnce> have set up port forwarding so that I can reach each of them
    Burnce> individually from the internet. Port 22 redirects to machine X
    Burnce> port 22 and Port 2222 redirects to machine Y port
    Burnce> 22. Unfortunately this gives me problems with my known hosts
    Burnce> file. After connecting to machine X via ssh from a given
    Burnce> computer on the internet, machine X's key is added to known
    Burnce> hosts. If I now try to connect to machine Y, I get n error
    Burnce> message stating that the key has changed etc. I need to remove
    Burnce> a line in my known hosts file to make things work.

    Burnce> Is there a way to make known hosts take the port number into
    Burnce> account and thus create separate entries for machine X and
    Burnce> machine Y?

    You can have multiple keys per host. Make both keys acceptable for
    authenticating a connection to the router:

    [~/.ssh/known_hosts]

    router, ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAIEA06eASKm8pzPO8RfR... key of host X
    router, ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAIEAtN94EKUGxBRLtH22... key of host Y

    --
    Richard Silverman
    res@qoxp.net


+ Reply to Thread