shell ssh over a ssh tunnel - SSH

This is a discussion on shell ssh over a ssh tunnel - SSH ; hello i have a ssh tunnel available between internet/intranet network. but i can not login the gateway. only forward is available. how can i open a shell on a sshd server inside intranet throw the ssh gateway. ssh -N -L ...

+ Reply to Thread
Results 1 to 7 of 7

Thread: shell ssh over a ssh tunnel

  1. shell ssh over a ssh tunnel

    hello

    i have a ssh tunnel available between internet/intranet network. but i
    can not login the gateway. only forward is available.
    how can i open a shell on a sshd server inside intranet throw the ssh
    gateway.

    ssh -N -L 22:sshd_intranet:22 sshd_gateway
    it do not work, ssh localhost returns:
    @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ @@@@@@@@@
    @ WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED! @
    @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ @@@@@@@@@
    IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY!
    Someone could be eavesdropping on you right now (man-in-the-middle attack)!
    It is also possible that the RSA host key has just been changed.
    The fingerprint for the RSA key sent by the remote host is

    thanks

  2. Re: shell ssh over a ssh tunnel

    Sylvain Ferriol wrote:
    > hello
    >
    > i have a ssh tunnel available between internet/intranet network. but i
    > can not login the gateway. only forward is available.
    > how can i open a shell on a sshd server inside intranet throw the ssh
    > gateway.
    >
    > ssh -N -L 22:sshd_intranet:22 sshd_gateway
    > it do not work, ssh localhost returns:
    > @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ @@@@@@@@@
    > @ WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED! @
    > @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ @@@@@@@@@
    > IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY!
    > Someone could be eavesdropping on you right now (man-in-the-middle attack)!
    > It is also possible that the RSA host key has just been changed.
    > The fingerprint for the RSA key sent by the remote host is


    Remove the line starting with the remote hostname from your local
    $HOME/.ssh/known_hosts.

  3. Re: shell ssh over a ssh tunnel

    Steven Mocking wrote:
    > Remove the line starting with the remote hostname from your local
    > $HOME/.ssh/known_hosts.


    Forgot to mention: don't do this if you're using a private key for logins.

  4. Re: shell ssh over a ssh tunnel

    >>>>> "SM" == Steven Mocking writes:

    SM> Steven Mocking wrote:
    >> Remove the line starting with the remote hostname from your local
    >> $HOME/.ssh/known_hosts.


    SM> Forgot to mention: don't do this if you're using a private key for
    SM> logins.

    Why?

    --
    Richard Silverman
    res@qoxp.net


  5. Re: shell ssh over a ssh tunnel

    Richard E. Silverman a écrit :
    >>>>>>"SM" == Steven Mocking writes:

    >
    >
    > SM> Steven Mocking wrote:
    > >> Remove the line starting with the remote hostname from your local
    > >> $HOME/.ssh/known_hosts.

    >
    > SM> Forgot to mention: don't do this if you're using a private key for
    > SM> logins.
    >
    > Why?
    >

    i notice that i have to remove localhost line in .ssh/known_hosts, not
    remote hostname

  6. Re: shell ssh over a ssh tunnel

    Richard E. Silverman wrote:
    >>>>>> "SM" == Steven Mocking writes:

    >
    > SM> Steven Mocking wrote:
    > >> Remove the line starting with the remote hostname from your local
    > >> $HOME/.ssh/known_hosts.

    >
    > SM> Forgot to mention: don't do this if you're using a private key for
    > SM> logins.
    >
    > Why?


    More precisely: if you have your private key pasted into the known_hosts
    line, which is insecure, but surprisingly common.

  7. Re: shell ssh over a ssh tunnel

    On 2006-09-19, Sylvain Ferriol wrote:
    > i have a ssh tunnel available between internet/intranet network. but i
    > can not login the gateway. only forward is available.
    > how can i open a shell on a sshd server inside intranet throw the ssh
    > gateway.
    >
    > ssh -N -L 22:sshd_intranet:22 sshd_gateway
    > it do not work, ssh localhost returns:
    > @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ @@@@@@@@@
    > @ WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED! @
    > @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ @@@@@@@@@


    You have a preexisting entry for localhost in the known_hosts file.

    Try:
    ssh -o HostKeyAlias=sshd_intranet localhost

    If it works then put a host entry for it into your ~/.ssh/config file, eg

    Host sshd_intranet
    Hostname localhost
    HostKeyAlias sshd_intranet
    CheckHostIP no

    Failing that you could check out the NoHostAuthenticationForLocalhost
    option in ssh_config(5), but HostKeyAlias is the better solution.

    --
    Darren Tucker (dtucker at zip.com.au)
    GPG key 8FF4FA69 / D9A3 86E9 7EEE AF4B B2D4 37C9 C982 80C7 8FF4 FA69
    Good judgement comes with experience. Unfortunately, the experience
    usually comes from bad judgement.

+ Reply to Thread