SSH troubles
I'm using ssh and scp on a daily basis, and here are some stuff I dislike:
I use ssh most of the time to connect to one side of some tunnel. Tunnels start at my localhost at different ports. So I use something like:
ssh -p 22002 localhost
ssh -p 22003 localhost
etc.
However, I get: WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED! ...etc.
IMHO, ssh should use hostname+port instead of just hostname to identify hosts.
Next thing, scp and ssh don't use the same flag to specify port. Ssh uses -p, while scp uses -P. What's even worse, if I sometimes forget myself, and give -p to scp, it silently ignores it and tries to contact the host at default port 22.
On our network, we also have a dialup server. The client that connects to it, always gets the same IP address (192.168.2.99). We use it when customer dials in, just:
ssh 192.168.2.99
and we're in... or not. Again, ssh's protective mechanisms step in and alert - not just alert, but also forbid the connection. In fact, that's the main thing I don't like about it. Ok, give me a warning, give me an option like:
Are you sure you wish to continue?
Instead of dreaded:
Add correct host key in /home/milanb/.ssh/known_hosts to get rid of this message.
Taking about being "user friendly"...
posted by Randy White @ 11:33
3 Comments:
I've thought this myself (host+port in .ssh/known_hosts), but I think the scary message should stay in place. BTW, a workaround I use under Debian is to add lots of names for 127.0.0.1 to /etc/hosts then ssh/scp from/to that hostname.
Great workaroung. I guess I should have thought of that.
Thanks.
I just re-read this old post of mine, and I realize that SSH guys have fixed this issue already (I don't know for how long, but it is working).
I don't know if my blog post had anything to do with it, but KUDOS and BIG THANKS to OpenSSH guys for this one.
Post a Comment
<< Home