Linux - NetworkingThis forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
Here's a little noob story and an elaborate question.
I've got a LAN network at my workplace with about 30 nodes, two of which I currently operate.
The main machine I use is a desktop, but the second one is headless right now, so I wanted to be able to access it via SSH and VNC to not have to plug my only mouse and keyboard from one to the other all the time.
I managed to get SSH and VNC working, but if I reboot the machine and it gets a different IP address from the router I might now be able to find it.
I tried finding it by hostname, but arp doens't show any hostnames I thought devices advertise their hostnames somehow - maybe I'm wrong?
I was able to use nmap -O to discover Linux machines among the whole bunch, but that scan takes about 75 minutes on that network - not practical to do every time I want to log into SSH.
I've figured out that if I write down the MAC address of my remote machine I will be able to find it's IP:
Code:
arp | grep "ff:ff:ff:ff:ff:ff" | cut -d' ' -f1
That was after I manually checked the IP on the remote headless machine (oh the cables!) and had a working SSH and VNC connections. Haven't I did that - arp would probably not help me find that machine, would it?
I'd like to be able to find that machine on the network easily, that's probably very simple to do, but I can't figure it out.
I've realized that probably only IPs listed in /etc/hosts will be displayed in arp output, and that machines don't tell their hostnames to strangers, even on a local network.
Also - I guess using nmap is a last resort and if it were such a basic tool, it'd be installed on most Linux distributions by default.
I'm running Linux Mint 18.2 on both machines.
Last edited by unfa; 10-27-2017 at 12:40 PM.
Reason: Bad formatting.
Distribution: Debian Sid AMD64, Raspbian Wheezy, various VMs
Posts: 7,680
Rep:
Why not just give it a fixed IP address in the first place? In my experience even without that most leases are long enough that a simple reboot ought not to change the IP address. What's the layout of the network?
Here's a little noob story and an elaborate question.
I've got a LAN network at my workplace with about 30 nodes, two of which I currently operate. The main machine I use is a desktop, but the second one is headless right now, so I wanted to be able to access it via SSH and VNC to not have to plug my only mouse and keyboard from one to the other all the time. I managed to get SSH and VNC working, but if I reboot the machine and it gets a different IP address from the router I might now be able to find it. I tried finding it by hostname, but arp doens't show any hostnames I thought devices advertise their hostnames somehow - maybe I'm wrong?
I was able to use nmap -O to discover Linux machines among the whole bunch, but that scan takes about 75 minutes on that network - not practical to do every time I want to log into SSH. I've figured out that if I write down the MAC address of my remote machine I will be able to find it's IP:
Code:
arp | grep "ff:ff:ff:ff:ff:ff" | cut -d' ' -f1
That was after I manually checked the IP on the remote headless machine (oh the cables!) and had a working SSH and VNC connections. Haven't I did that - arp would probably not help me find that machine, would it? I'd like to be able to find that machine on the network easily, that's probably very simple to do, but I can't figure it out.
I've realized that probably only IPs listed in /etc/hosts will be displayed in arp output, and that machines don't tell their hostnames to strangers, even on a local network. Also - I guess using nmap is a last resort and if it were such a basic tool, it'd be installed on most Linux distributions by default. I'm running Linux Mint 18.2 on both machines.
The first thing I'd suggest would be to give your second machine a static IP address and if you can't do that, see if you can get a DHCP reservation (essentially, a static address that's automatically assigned). Those are the easiest options.
And yes, the arp command will work, try this:
Code:
arp -n | grep -i aa:bb:cc:dd:ee:ff
...instead. Note that if your lease expires, your ARP tables may take a short while to rebuild with the new entry, pointing to the right MAC address.
Distribution: Debian /Jessie/Stretch/Sid, Linux Mint DE
Posts: 5,195
Rep:
nmap can give you the OS, but it does not give you the host name.
A fast tool to discover active IP addresses is fping which gives you all the active IP addresses. After that, the arp cache contains the MAC addresses of pinged machines and you can recognize your MAC address.
But it is still a workaround. Give that machine a fixed IP. Either by adding a reservation in the DHCP server, or assigning a unique address outside the DHCP address pool.
Another option (less known I think) is that virtually every Linux installation now supports IPv6. Since this is your local network you don't relay on external routers. Your host will have a unique, fixed IPv6 link local address.
This is the simplest way of performing host discovery is with nmap.
# nmap -sP 192.168.X.X/24
Another option is to install the Fing app on your phone. I love this app and use it on every network I connect to... Once intalled, just connect to your network and perform a discovery. Will show you every machine on that network and has the ability to save info for multiple networks. Just a thought
I would set a static ip down the line though to make shit easier for yourself
This is the simplest way of performing host discovery is with nmap.
# nmap -sP 192.168.X.X/24
Though setting a static IP address is the easiest, and best, way forward, nmap is really very useful to know. I'd say do both but only begin with nmap after setting the fixed IP.
Since the search is for SSH servers, the usual way would be to check port 22:
Code:
nmap -sT -p 22 -T 4 192.168.x.x/24
However, it really is one of those programs that is too complex for it to be practical to learn all the setting in advance. So instead mastery of navigating the manual page is necessary:
Code:
man nmap
Fortunately it is one of the well-written manual pages.
For what it is worth there is also a specialized tool, scanssh, which can scan for both SSH servers and SOCKS proxies.
Though setting a static IP address is the easiest, and best, way forward, nmap is really very useful to know. I'd say do both but only begin with nmap after setting the fixed IP. Since the search is for SSH servers, the usual way would be to check port 22:
Code:
nmap -sT -p 22 -T 4 192.168.x.x/24
However, it really is one of those programs that is too complex for it to be practical to learn all the setting in advance. So instead mastery of navigating the manual page is necessary:
Code:
man nmap
Fortunately it is one of the well-written manual pages. For what it is worth there is also a specialized tool, scanssh, which can scan for both SSH servers and SOCKS proxies.
Code:
scanssh -n 22 -s ssh 192.168.x.x/24
Nice one. Used nmap before, but scanssh is a new one for me, thanks.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.