LinuxQuestions.org
Help answer threads with 0 replies.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Networking
User Name
Password
Linux - Networking This forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.

Notices

Reply
 
Search this Thread
Old 08-14-2005, 03:52 PM   #1
kz26
Member
 
Registered: Aug 2005
Location: USA
Distribution: Fedora, Ubuntu, Backtrack
Posts: 70

Rep: Reputation: 15
SSH'ing between two computers through a router


Hi, I have a Linksys WRT54G router with 3 clients:
a FC3 laptop (wireless), a FC4 desktop (wireless), and a RH9 box
sitting next to the router and connected via Ethernet wire into the
router's built in switch.

When I SSH between the wireless laptop and desktop, the 'last login from'
message correctly displays the IP address of the connecting computer.
However when I SSH the wired RH9 box from my wireless computers, it always says that the last
login came from 192.168.2.1 (the router).

This causes a problem. I like to use ssh-keygen to generate public/private keys so I don't have to type passwords for SSH logins.
This would work if the computers were directly connected via crossover cable or something.
But because the computers are connecting through the router, I (this is my idea of a fix) have to
somehow generate a publickey for the router.

The router, by the way, is using alchemy firmware, so I can ssh into the router.
I tried generating a public key on the router, but that didn't work.

Any ideas of what I should do?
 
Old 08-14-2005, 05:12 PM   #2
Mara
Moderator
 
Registered: Feb 2002
Location: Grenoble
Distribution: Debian
Posts: 9,535

Rep: Reputation: 148Reputation: 148
I guess the router makes some kind of masquerade... If you don't plan to remove it you can configure a tunnel to reach the server. Or just generate keys on the wireless machines and add an entry on the server to accept the keys, but use them for 192.168.2.1 address. You then need one pair of keys for one user on the wireless ones.
 
Old 08-14-2005, 08:09 PM   #3
maroonbaboon
Senior Member
 
Registered: Aug 2003
Location: Sydney
Distribution: debian
Posts: 1,495

Rep: Reputation: 48
Are you sure the machines are configured correctly? It seems to me that no masquerade should be involved within the internal network. What does the 'route' command say for the machines involved?
 
Old 08-14-2005, 09:22 PM   #4
kz26
Member
 
Registered: Aug 2005
Location: USA
Distribution: Fedora, Ubuntu, Backtrack
Posts: 70

Original Poster
Rep: Reputation: 15
How would I use tunneling in SSH or set up my router to masquerade?
 
Old 08-14-2005, 09:36 PM   #5
Matir
Moderator
 
Registered: Nov 2004
Location: San Jose, CA
Distribution: Ubuntu
Posts: 8,507

Rep: Reputation: 117Reputation: 117
Why don't you just generate keys and make them valid for the whole 192.168.2.0/24 network? This network could never appear in the real world side of things, so your ISP should be blocking packets (and any smart router will do the same).
 
Old 08-14-2005, 09:39 PM   #6
maroonbaboon
Senior Member
 
Registered: Aug 2003
Location: Sydney
Distribution: debian
Posts: 1,495

Rep: Reputation: 48
Masquerading is just another word for routing. It's what routers do for a living. My PC is currently attached to a WRT54G and the route command says

% route
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
192.168.1.0 * 255.255.255.0 U 0 0 0 eth0
default 192.168.1.254 0.0.0.0 UG 0 0 0 eth0

So any packet sent to an address 192.168.1.* should get there directly. If the address does not match this pattern the packet goes to the default address 192.168.1.254 (which is the WRT54G in this case). The router then passes it upstream to the ISP. Externally the packet appears to have come from the router. So the internal PC is hiding or 'masquerading' behind the router.

If you only have the default route then even internally it may look like all packets are coming from the router.
 
Old 08-14-2005, 11:09 PM   #7
kz26
Member
 
Registered: Aug 2005
Location: USA
Distribution: Fedora, Ubuntu, Backtrack
Posts: 70

Original Poster
Rep: Reputation: 15
I only know how to use ssh-keygen to generate keypairs for a single computer, not a whole network. Could someone show me how to generate keys for my entire 192.168.2.0/255.255.255.0 network?
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Connecting two computers without a hub/switch/router? pilot1 Linux - Networking 8 07-15-2008 04:31 AM
is it possible for 2 computers behind a router to talk directly or do i need vpn solusrex Linux - Networking 35 08-19-2006 04:44 AM
Computers behind router behind computer behind router remi Linux - Networking 1 05-05-2005 05:08 PM
Connect multiple computers behind a broadband router timyaukey Linux - Networking 4 07-03-2004 08:44 AM
Connecting two computers via a Netgear router. SILVERPENGUIN Linux - Networking 7 01-19-2004 07:39 PM


All times are GMT -5. The time now is 12:42 PM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration