Here's what I do for the same thing: ssh -o HostKeyAlias=secondmachine.example.com -p 24 firewall.example.com
I haven't checked to see if I have the options others have mentioned in my config, but I probably do. Cheers, Tanner On Sun, 23 Jan 2005 22:43:46 -0500, Brian Henning <[EMAIL PROTECTED]> wrote: > Hi Y'all, > I now have two ssh-serving hosts behind a NAT firewall at $work. One, > representing my workstation, is port-forwarded from a nonstandard port (for > argument, we'll call it 12345). The other, representing a server running > various services, is on the standard port. > The irritation I am encountering is that the command-line ssh client (on > RH7.3) doesn't seem to want to understand that specifying a different port > could really mean a different host. Therefore, after I connect to one (ex. > ssh [EMAIL PROTECTED]) and accept the RSA key to be added to > ~/.ssh/known_hosts, > when I connect to the other (ex. ssh -p 12345 [EMAIL PROTECTED]), it balks > because > the RSA key is different. So I have to open up ~/.ssh/known_hosts, delete > the work.net line, and start over. > What's the best way to resolve this? Am I doomed to editing > ~/.ssh/known_hosts each time? Or is there a less-strict checking option? > Or would it work to add a /etc/hosts entry to alias that IP to another name > for one of the two destination machines, thereby fooling (or satisfying) ssh > that it is in fact two intentionally different endpoints? > Most importantly, I do want to continue having more than one ssh endpoint > inside the firewall perimeter, so when one goes kaput, I can get to the > other one and do some useful stuff inside the perimeter to try to diagnose > and/or fix the problem. > > Thanks! > ~Brian > > -- > TriLUG mailing list : http://www.trilug.org/mailman/listinfo/trilug > TriLUG Organizational FAQ : http://trilug.org/faq/ > TriLUG Member Services FAQ : http://members.trilug.org/services_faq/ > TriLUG PGP Keyring : http://trilug.org/~chrish/trilug.asc > -- Tanner Lovelace clubjuggler at gmail dot com http://wtl.wayfarer.org/ http://www.freeiPods.com/?r=8127171 (fieldless) In fess two roundels in pale, a billet fesswise and an increscent, all sable. -- TriLUG mailing list : http://www.trilug.org/mailman/listinfo/trilug TriLUG Organizational FAQ : http://trilug.org/faq/ TriLUG Member Services FAQ : http://members.trilug.org/services_faq/ TriLUG PGP Keyring : http://trilug.org/~chrish/trilug.asc
