Software Woes

Rants, tips and tricks



Wednesday, March 22, 2006



SSH troubles



I'm using ssh and scp on a daily basis, and here are some stuff I dislike:

I use ssh most of the time to connect to one side of some tunnel. Tunnels start at my localhost at different ports. So I use something like:

ssh -p 22002 localhost
ssh -p 22003 localhost
etc.


However, I get: WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED! ...etc.

IMHO, ssh should use hostname+port instead of just hostname to identify hosts.

Next thing, scp and ssh don't use the same flag to specify port. Ssh uses -p, while scp uses -P. What's even worse, if I sometimes forget myself, and give -p to scp, it silently ignores it and tries to contact the host at default port 22.

On our network, we also have a dialup server. The client that connects to it, always gets the same IP address (192.168.2.99). We use it when customer dials in, just:

ssh 192.168.2.99

and we're in... or not. Again, ssh's protective mechanisms step in and alert - not just alert, but also forbid the connection. In fact, that's the main thing I don't like about it. Ok, give me a warning, give me an option like:

Are you sure you wish to continue?

Instead of dreaded:
Add correct host key in /home/milanb/.ssh/known_hosts to get rid of this message.

Taking about being "user friendly"...

3 Comments:

At 10:38 AM, Anonymous Anonymous said...

I've thought this myself (host+port in .ssh/known_hosts), but I think the scary message should stay in place. BTW, a workaround I use under Debian is to add lots of names for 127.0.0.1 to /etc/hosts then ssh/scp from/to that hostname.

 
At 12:51 PM, Blogger Randy White said...

Great workaroung. I guess I should have thought of that.

Thanks.

 
At 10:16 AM, Blogger Randy White said...

I just re-read this old post of mine, and I realize that SSH guys have fixed this issue already (I don't know for how long, but it is working).

I don't know if my blog post had anything to do with it, but KUDOS and BIG THANKS to OpenSSH guys for this one.

 

Post a Comment

<< Home