SSH tunneling with multiple IPs?
 

I have an SSH server set up on my VPS and my VPS has multiple IP addresses.
When I connect to any of the IP addresses I can login successfully, but when I use it for tunneling and go to whatsmyip.org I always see my first IP (eth0).
The interfaces for the IP addresses are eth0, eth0:0, and eth0:1.
How do i force the application (sshd) to use the interface that its bound on?

Still not solved.
This helped me a lot: http://linux-ip.net/html/adv-multi-internet.html
in that i can make it so outgoing connections made on certain ports go to certain IP addresses but I'm still trying to figure out a way for the IP address thats bound to the SSH server is the IP address that's used for outgoing connections.
no luck as of yet.... I'm going to look into iptables and iproute to see what I can do...

You haven't told us what you've tried, but did you try "-b" as an option to ssh?

Oh sorry, hahaha. I'm new to this forum so i didn't realize, but this is what i tried:

and what that does it force outgoing connections through the tunnel that are going to HTTP pages to be on that IP but i want it so if you connect on an IP it uses that IP to make outgoing connections.

I don't understand what you are saying. To much "that IP".

the ssh server is bound to multiple interfaces.
When I connect from a remote computer to the server on, let's call it xx.xxx.239.121, I want the server to make outgoing connections to websites with the IP address xx.xxx.239.121
and if i connect to the ssh server on xx.xxx.239.120 i want it to connect to websites with xx.xxx.239.120
and if i connect to the ssh server with xx.xxx.239.122 i want it to connect to websites with xx.xxx.239.122
and so on.

Where did that nice person go who was helping me out? Anyone else have any ideas?

Bump for help.

You still haven't told us what you have tried. Have you looked into either the -R or -D options to ssh?

I figured it out. I just used iptables to specify which IP address each user uses.

#!/bin/sh

wan1_dev=`venet0:0`
wan1_ip=`VENET0:0 IP ADDRESS`
wan1_gw=`VENET0:0 GATEWAY`
wan2_dev=`venet0:1`
wan2_ip=`VENET0:1 IP ADDRESS`
wan2_gw=`VENET0:1 GATEWAY`

ip_start()
{

#delete default route(s)
ip rule flush
ip route del default
ip route del default

ip rule add lookup main prio 32766
ip rule add lookup default prio 32767

#make tables and bind them to marks
ip rule add from $wan1_ip table 100 prio 100
ip rule add fwmark 0x100 table 100 prio 101

ip rule add from $wan2_ip table 200 prio 200
ip rule add fwmark 0x200 table 200 prio 201

ip route flush table 100
ip route flush table 200

WAN1ROUTE="$(ip route | grep link | grep $wan1_dev)"
WAN2ROUTE="$(ip route | grep link | grep $wan2_dev)"

#anyhting in table 100 will go through wan1
#anything in table 200 will go through wan2
ip route add table 100 to $WAN1ROUTE
ip route add table 200 to $WAN2ROUTE

ip route add table 100 default via $wan1_gw
ip route add table 200 default via $wan2_gw

#this will make the default route (no marks)go through wan1 always
ip route delete default
ip route add default via $wan1_gw dev $wan1_dev

}

set_mark()
{
iptables -t mangle -A PREROUTING -p tcp --match owner --uid-owner 1000 -j MARK --set-mark 0x100
iptables -t mangle -A PREROUTING -p udp --match owner --uid-owner 1000 -j MARK --set-mark 0x100
iptables -t mangle -A PREROUTING -p tcp --match owner --uid-owner 1001 -j MARK --set-mark 0x200
iptables -t mangle -A PREROUTING -p udp --match owner --uid-owner 1001 -j MARK --set-mark 0x200
}


that was my solution

It would be nice if the Original Poster mentioned how he did that. I've been trying to do something like that for a while now.

Got VPS hosting with 3 IPs. Whichever IP I SSH to (using Putty), the SOCKS5 tunnel I create will have the same outbound IP (venet0:0, XXX.XXX.XXX.161).

If anyone knows how to do what N4melessS0ldier say he did, please please please show us! :)

Thank you kindly,
E71

BUMP. I'm having the same issue. Can anyone walk me through the process?

BUMP. same problem here, try to use iptables match owner like 5andr0 mentioned to solve it，but when i issue
the following message：
And i read iptables man page mention that owner match only valid in the OUTPUT and POSTROUTING chains :confused: any one can help me please please :)