Linux - GeneralThis Linux forum is for general Linux questions and discussion.
If it is Linux Related and doesn't seem to fit in any other forum then this is the place.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
I have 2 linux machine at home which are behind NAT router. I forward port 22 and another different port for each of the machine.
Since they are only differentiate by dffferent port, when i ssh from remote, i was prompt that the same IP has different rsa and stop me from login.
I'd like to know other then keep deleting /root/.ssh/known_hosts , anyway i can let ssh client know to tell the diffferent by port number? (so i dont' have to delete that ip entry all the time.)
This wouldn't be exactly standard practice in the security circles, but I guess you could make the two systems share the same hosts keys. Don't know if that would work, but you could give it a shot.
On my Debian system these host keys are found in /etc/ssh/ssh_host_* files. Four files total, two for dsa (pub and priv), two for rsa (pub and priv). Pick one system as the master, and copy it's keys over to the other system. Be sure and backup the original keys before overwriting in case you decide this is not a good thing to do and want to restore back to original conditions.
Distribution: Distribution: RHEL 5 with Pieces of this and that.
Kernel 2.6.23.1, KDE 3.5.8 and KDE 4.0 beta, Plu
Posts: 5,700
Rep:
This is the way I see it needs to be setup
machine one:
Static IP and set port to 22 for ssh
machine two:
Static IP different of course and set port to 22 for ssh
Now on the router. Portfoward on the external ip port 22 to machine 1 port 22. Then for the other portfoward on eternal port 23 to machine 2 port 22.
external xxx.xxx.xxx.xxx port 22 to internal machine 1 xxx.xxx.xxx.xxx port 22
external xxx.xxx.xxx.xxx port 23 to internal machine 2 xxx.xxx.xxx.xxx port 22
Or a you can ssh to one internal machine and once logged into that one ssh to the other.
I have the exact same problem because I am routinely accessing two different machines on the same LAN behind a router for a client of mine.
The only solution I have found is to use two different user IDs on my machine to access them. Typically I am using my ordinary user name to access one machine (on Port 21) and I am using my root user to access the other machine (on Port 22). Sometimes, depending on what I am doing, I ssh into one machine then ssh from that machine to the other machine to avoid using my root ID, but on those occasions where I have to directly access each machine, that is how I do it.
To make this clear, I have blocked root logins on those machines; I am not logging onto the remote machine as root. On my system, I am opening a shell, su to root, then logging into the remote machine like this: ssh -Y -f user@server xterm.
Since I have two different userIDs in use on my machine, I avoid the rsa problem.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.