
cannot connect via ssh


Trio3b

internet <-> DSL modem <-> eth0 (PC1 MDK10.2) eth1 <-> hub <-> eth0 (PC2 MDV2008/PCLOS2007), eth0 (PC3 Sidux)

 

PC1 eth1 setup static 192.168.10.1 (gateway)

PC2 eth0 setup static 192.168.10.2

PC3 eth0 setup static 192.168.10.3

 

All internet sharing is fine.

 

When booted into PCLOS on PC2 I can connect between PC1 and PC2 via sftp, so I believe NIC, hub and cable are fine.

 

I can connect between PC1 and PC3 via sftp

 

When booted into MDV2008 I can connect to PC1 FROM PC2 but not other way around. Error is "could not connect to host 192.168.10.2"

 

Any ideas?

 

Thanks

Edited by Trio3b
Link to comment

Do you have SSH running on PC2?

 

netstat -tunlp

 

and look for port 22 listening. Do you have anything odd in /etc/hosts.deny? Is iptables running and blocking the port? Perhaps install nmap on PC1, and then do:

 

nmap 192.168.10.2

 

and see what ports are listening and can be seen from PC1. If you can't see port 22 listening, then either /etc/hosts.deny or iptables on PC2 is causing your blockage.

Link to comment

OK, I think it was the firewall setting (I checked the everything tick-box). I'm getting closer now b/c beforehand nothing would happen. Now I'm getting the "the host fingerprint has changed" message.

 

Problem is I entered this into known_hosts on PC1 but still no go. There is already a fingerprint assigned to 192.168.10.2 from the PCLOS2007 installation. How can I either load two different fingerprints into the known_hosts file, or copy the fingerprint from the PCLOS install to the MDV install or otherwise trick the known_hosts file on PC1 to see both installations the same since they are using the same IP address and NIC card?

 

I found the /etc/ssh file loaded with xxx_key files on the PCLOS PC2 but they are all gibberish encryptions and not in the xx:xx:xx:xx: format. If I could copy this to the MDV2008 /etc/ssh, then I assume PC2 would send the same fingerprint to PC1 no matter which OS I was booted into on PC2. Am I close?

 

Thanks

Edited by Trio3b
Link to comment

If both machines Mandriva and PCLinuxOS are using the same IP address, then this will be a problem, and this is why you'll have a fingerprint problem with SSH. Therefore, give the machine a different IP address for Mandriva and PCLinuxOS to overcome this problem.

Link to comment

Dual boot has nothing to do with it. Each ssh daemon is going to have a different key. It ties this to the IP. Therefore, a machine can only store one IP and one SSH key. You cannot store two SSH keys with the same IP. That is why I said give it a different IP for Mandriva and PCLinuxOS. Then, when you connect from another machine, the known_hosts file will store each of the details without a conflict. This is done for security reasons and is why you're experiencing the problem.

 

Either that, or each time you want to connect to the other machine, delete the entry from the known_hosts file so it gets created again. But that is too much hassle. Having two different IPs that you never have to change again later is much less hassle, and you'll never have the problem with SSH.

Link to comment

I just thought that if you *really* must have the same IP on both PCLinuxOS and Mandriva, then I would suggest that you create entries in /etc/hosts and resolve both hostnames to the IP. Then when you use ssh you use the hostname rather than the IP address to connect. That way, the known_hosts will store the hostname and the key, instead of the IP. That should mean you can use the same IP for both PCLinuxOS and Mandriva.

 

So, for example, if PC2 is Mandriva and PCLinuxOS, you edit the /etc/hosts file on PC1 and PC3, so that you have:

 

192.168.10.2 mandriva pclinuxos

 

Replace mandriva or pclinuxos with the actual hostnames. Then, when you use:

 

ssh mandriva
ssh pclinuxos

 

for example (again, change the hostnames here), it will check /etc/hosts to resolve the name, and the entry in known_hosts will use a combination of the hostname and IP, instead of just the IP. At least that's what I think. Give it a go unless you are OK with changing the IPs and having different ones for each machine. If the hostname doesn't work, then you'll need to use different IPs.

Link to comment
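An added example, not part of any post in this thread: a simplified Python model of how the ssh client matches a presented host key against known_hosts for the name it looks up, and how the xx:xx fingerprint is derived from the base64 blob stored in a public key file. The keys are constructed placeholders, and `constructed_key`, `md5_fingerprint` and `check` are hypothetical helper names.

```python
import base64
import hashlib
import struct

def constructed_key(seed: bytes) -> str:
    """Build a well-formed 'ssh-ed25519 <base64>' string from a seed (constructed, not a real key)."""
    raw = hashlib.sha256(seed).digest()  # 32 bytes standing in for a public key
    blob = b"".join(struct.pack(">I", len(p)) + p for p in (b"ssh-ed25519", raw))
    return "ssh-ed25519 " + base64.b64encode(blob).decode()

def md5_fingerprint(pubkey: str) -> str:
    """The xx:xx:... form: MD5 over the decoded key blob, as colon-separated hex."""
    digest = hashlib.md5(base64.b64decode(pubkey.split()[1])).hexdigest()
    return ":".join(digest[i:i + 2] for i in range(0, len(digest), 2))

def check(known_hosts: str, name: str, presented: str) -> str:
    """Simplified model of the client lookup: 'ok', 'changed' or 'new' for `name`."""
    ktype, kblob = presented.split()[:2]
    same_type_seen = False
    for line in known_hosts.splitlines():
        fields = line.split()
        # Comments, @markers and hashed (|1|...) names are outside this model.
        if len(fields) < 3 or line.startswith(("#", "@", "|")):
            continue
        if name in fields[0].split(",") and fields[1] == ktype:
            if fields[2] == kblob:
                return "ok"
            same_type_seen = True
    return "changed" if same_type_seen else "new"

# Constructed host keys for the two installations on PC2.
PCLOS_KEY = constructed_key(b"pclinuxos install")
MDV_KEY = constructed_key(b"mandriva install")

# known_hosts on PC1 as in the thread: one entry for the IP, made while PC2 ran PCLinuxOS.
BY_IP = f"192.168.10.2 {PCLOS_KEY}\n"
# One entry per name, both names resolving to 192.168.10.2 through /etc/hosts.
BY_NAME = f"pclinuxos {PCLOS_KEY}\nmandriva {MDV_KEY}\n"
# Two lines for the same address: sshd(8) calls this permissible but not recommended.
BOTH_FOR_IP = BY_IP + f"192.168.10.2 {MDV_KEY}\n"

if __name__ == "__main__":
    print("PCLinuxOS key fingerprint:", md5_fingerprint(PCLOS_KEY))
    print("Mandriva key fingerprint: ", md5_fingerprint(MDV_KEY))
    print("by IP, booted Mandriva:   ", check(BY_IP, "192.168.10.2", MDV_KEY))
    print("by name 'mandriva':       ", check(BY_NAME, "mandriva", MDV_KEY))
    print("by name 'pclinuxos':      ", check(BY_NAME, "pclinuxos", MDV_KEY))
    print("two lines for the IP:     ", check(BOTH_FOR_IP, "192.168.10.2", MDV_KEY))
```

When the client's `CheckHostIP` option is enabled it additionally looks up the IP address in known_hosts, so a stale entry for 192.168.10.2 can still produce a warning when connecting by name. The `HostKeyAlias` option in ssh_config sets the lookup name explicitly without relying on /etc/hosts.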