Re: A question about ssh RSA key connection
- From: Sharad <sharad2011@xxxxxxxxx>
- Date: Tue, 25 Aug 2009 00:39:49 +0530 (IST)
How is your DNS setup? How does this work when you connect with hostnames instead of IP Addresses? Do other two aliases (uplink0:1 and 0:2) have same name as primary interface's?
--- On Mon, 24/8/09, 徐广 <xuguang181@xxxxxxxxx> wrote:
From: 徐广 <xuguang181@xxxxxxxxx>
Subject: Re: A question about ssh RSA key connection
To: "ming.zym@xxxxxxxxx" <ming.zym@xxxxxxxxx>
Date: Monday, 24 August, 2009, 8:46 AM
Thanks ming for your reply
When I connect to 126.96.36.199 the from ip would
188.8.131.52, but when I try to connect to other servers,
ip became 184.108.40.206, so this is really refusing me.
this is far from a ssh problem, as the connect srcaddress is selected
by system, mostly by the default routing set, in yourcase, there are
many IP in the same vlan/ip space, that will bechoosed to be the first
ip in your ip list, .130 is the first then.your src ip
you may use the "-b" option if you really need to set
address.up ssh connection
在 2009-08-22六的 12:10 +0800，徐广写道：
I recently met with a problem when trying to set
rsa -fthrough the ssh key
I first create a key through command ssh-keygen -t
created under /.ssh/.ssh/pmcftp_id_rsa -P "" , two files would be
an entry into thepmcftp_id_rsa and pmcftp_id_rsa.pub, then I insert
from="220.127.116.11,18.104.22.168" this should.pub file -
sources of these tworestrickt that the ssh key should only work for
Then I push the public key to another server under
ssh -I pmcftp -i.that, I start the ssh connection through command
connection would be set up./ssh/pmcftp_id_rsa <server ip>, the ssh
has several ipwithout asking for the passwd.
But, when I create the ssh key on a server that
flags=2001000849<UP,LOOPBACK,RUNNING,MULTICAST,IPv4,VIRTUAL>address, like following:
127.0.0.1 netmask ff0000008232 index 1
22.214.171.124 netmask ffffff00 broadcast 126.96.36.199mtu 1500 index 2
188.8.131.52 netmask ffffff00 broadcast 184.108.40.206mtu 1500 index 2
220.127.116.11 netmask ffffff00 broadcast 18.104.22.168mtu 1500 index 2
1500 index 3
192.168.47.1 netmask ffffff00 broadcast 192.168.47.255inet
22.214.171.124 into the from ip list=====
And added ip 126.96.36.199 and
serverentry in the key file, then I push the ssh key to
the source)188.8.131.52 (which should be the same server as
through command ssh -IThen when I try to start the ssh connection
the key does not workpmcftp -i. ./ssh/pmcftp_id_rsa 184.108.40.206 ,
key but not from aanymore, and the log give info like this
Authentication tried for pmcftp with correct
ip=220.127.116.11)permitted host (host=iems196-unit0,
Obviously, here the from ip list does not include
18.104.22.168 not other ipsthe ssh connection treate the from ip as
./ssh/pmcftp_id_rsaof this server.
Then I tried another command
Ssh -b 22.214.171.124 -I pmcftp -i.
126.96.36.199 and it's in the188.8.131.52 the key works well again.
The -b option is binding the from ip to
is obtained? Whenfrom ip list in the key file.
how the ip of the from side of the ssh connection
ips how would the ipthe from side of the ssh connection has several
advance!address be determined by the to side?
Any info would be highly appreciated, thanks in
Love Cricket? Check out live scores, photos, video highlights and more. Click here http://cricket.yahoo.com