Page 1 of 2 12 LastLast
Results 1 to 10 of 15

Thread: Problem with ssh

  1. #1
    Join Date
    Dec 2008
    Location
    Montana, USA
    Posts
    632

    Default Problem with ssh

    I have 5 opensuse computers on my home network. I use ssh to log into each of them to perform updates from my desktop. I can log into all but one of them using their host name as such:
    Code:
    bart@UNIVAC:~> ssh PDP-11 -lbart
    Password: 
    Last login: Sat Feb 27 13:16:17 2021 from 10.118.118.5
    Have a lot of fun...
    bart@PDP-11:~>
    However, one of the machines will not let me in this way. I can log in using the ip address:
    Code:
    bart@UNIVAC:~> ssh 10.118.118.8 -lbart
    Password: 
    Last login: Sat Feb 27 13:03:55 2021 from 10.118.118.5
    Have a lot of fun...
    bart@VAX-11:~>
    and, as you can see, it returns with the host name as the prompt. However, if I use the hostname:
    Code:
    bart@UNIVAC:~> ssh VAX-11 -lbart
    I only get the cursor at the left of the screen. I have to Ctrl-C to get the prompt back.

    What am I missing?

    Bart

  2. #2
    Join Date
    Mar 2011
    Location
    Sauerland
    Posts
    5,558

    Default AW: Problem with ssh

    Is the Name in your /etc/hosts

    Or how do you get your intern DNS?

  3. #3
    Join Date
    Jun 2008
    Location
    San Diego, Ca, USA
    Posts
    13,285
    Blog Entries
    2

    Default Re: Problem with ssh

    @Saurland is saying that your name resolution isn't mapping the machine name to the IP address on the client machine.
    There are a number of ways this can be done on your network, most commonly by a /etc/hosts entry or by DNS.
    What are you doing regarding the other machines you can connect successfully and why is this machine different?
    Implement the same solution to fix this one machine.

    Most likely connecting by IP address and returning the machine name as a response is because the remote machine did that mapping for you, and if you're using a certificate for encryption, the certificate requires the connection by name.

    TSU
    Beginner Wiki Quickstart - https://en.opensuse.org/User:Tsu2/Quickstart_Wiki
    Solved a problem recently? Create a wiki page for future personal reference!
    Learn something new?
    Attended a computing event?
    Post and Share!

  4. #4
    Join Date
    Aug 2010
    Location
    Chicago suburbs
    Posts
    14,996
    Blog Entries
    3

    Default Re: Problem with ssh

    Quote Originally Posted by montana_suse_user View Post
    What am I missing?
    This is strange.

    My first guess would be that something in ".bashrc" isn't working or is waiting for an addition line of input. But it is hard to guess what might be wrong.
    openSUSE Leap 15.2; KDE Plasma 5.18.5;

  5. #5

    Default Re: Problem with ssh

    Could you add the -v option to get some ssh debug messages.
    Code:
    > ssh -v VAX-11 -lbart

  6. #6
    Join Date
    Dec 2008
    Location
    Montana, USA
    Posts
    632

    Default Re: Problem with ssh

    Quote Originally Posted by tsu2 View Post
    @Saurland is saying that your name resolution isn't mapping the machine name to the IP address on the client machine.
    I understand. That's the conclusion I came to.

    There are a number of ways this can be done on your network, most commonly by a /etc/hosts entry or by DNS.
    I would rather not maintain a hosts file on each machine. That means I need to set up a DNS server, correct? Should that be on my router?


    What are you doing regarding the other machines you can connect successfully and why is this machine different?
    When I decided to try using ssh, I went to each of the remote machines and made sure sshd was running. Then, I just opened konsole and used the ip address to connect and it worked. Some time later, I wondered if it would work using the host name, so I tried it and again, it just worked. I did get a certificate and accepted it each time, both for the ip address and again for the host name.


    Implement the same solution to fix this one machine.
    Using yast, I have gone through all the settings I can find and they are all the same on all machines.

    Most likely connecting by IP address and returning the machine name as a response is because the remote machine did that mapping for you, and if you're using a certificate for encryption, the certificate requires the connection by name.

    TSU
    I have checked the hosts file on all the machines on this network and none have anything in them except the information placed there by the installation. I have not configured a DNS on anything on my network. Everything points to my ISP's DNS. As I understand from the posts here, I shouldn't be able to log into any of the machines, yet I can.

    Bart

  7. #7
    Join Date
    Dec 2008
    Location
    Montana, USA
    Posts
    632

    Default Re: Problem with ssh

    Quote Originally Posted by rawar View Post
    Could you add the -v option to get some ssh debug messages.
    Code:
    > ssh -v VAX-11 -lbart
    Code:
    bart@UNIVAC:~> ssh -v VAX-11 -lbart
    OpenSSH_8.1p1, OpenSSL 1.1.1d  10 Sep 2019
    debug1: Reading configuration data /etc/ssh/ssh_config
    debug1: /etc/ssh/ssh_config line 20: Applying options for *
    debug1: Connecting to VAX-11 [198.105.244.23] port 22.
    ^C
    bart@UNIVAC:~>
    Where on earth did 198.105.244.23 come from? That's an address outside of my network. Could my ISP's DNS be returning that address? Maybe my "cutsie" little naming system for devices isn't so great after all! I guess this is a good example of why one should set up a DNS on their network.

    Should it go on my router, or on the server? I only need to list the devices on my network?

    Bart

  8. #8

    Default Re: Problem with ssh

    Well the 198.105.244.23 is a internet ip registered for Akamai according to whois.
    Could you post
    Code:
    dig VAX-11
    and
    Code:
    dig PDP-11

  9. #9
    Join Date
    Dec 2008
    Location
    Montana, USA
    Posts
    632

    Default Re: Problem with ssh

    Code:
    bart@UNIVAC:~> dig VAX-11
    
    ; <<>> DiG 9.16.6 <<>> VAX-11
    ;; global options: +cmd
    ;; Got answer:
    ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 30747
    ;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 0
    
    ;; QUESTION SECTION:
    ;VAX-11.                                IN      A
    
    ;; ANSWER SECTION:
    VAX-11.                 10      IN      A       198.105.244.23
    VAX-11.                 10      IN      A       198.105.254.23
    
    ;; Query time: 232 msec
    ;; SERVER: 10.118.118.91#53(10.118.118.91)
    ;; WHEN: Wed Mar 03 11:06:22 MST 2021
    ;; MSG SIZE  rcvd: 56
    and
    Code:
    bart@UNIVAC:~> dig PDP-11
    
    ; <<>> DiG 9.16.6 <<>> PDP-11
    ;; global options: +cmd
    ;; Got answer:
    ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 23663
    ;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1
    
    ;; OPT PSEUDOSECTION:
    ; EDNS: version: 0, flags:; udp: 4096
    ;; QUESTION SECTION:
    ;PDP-11.                                IN      A
    
    ;; ANSWER SECTION:
    PDP-11.                 0       IN      A       10.118.118.11
    
    ;; Query time: 4 msec
    ;; SERVER: 10.118.118.91#53(10.118.118.91)
    ;; WHEN: Wed Mar 03 11:07:38 MST 2021
    ;; MSG SIZE  rcvd: 51
    I'll bet Akamia is quite happy with me.

    Bart

  10. #10

    Default Re: Problem with ssh

    Is 10.118.118.91 your ISP router ? I would guess that PDP-11 is resolved direct from 10.118.118.91 and VAX-11 is forwarded to the ISP upstream DNS servers.
    And these servers return some rubbish for unknown DNS requests instead of NXDOMAIN.
    Is it possible that the PDP-11 machine gets its IP from the 10.118.118.91 router via DHCP and the VAX-11 machine is using a static IP setup ?
    If the router is adding DHCP clients to a local DNS resolver in the router this could maybe explain this strange behavior.

Page 1 of 2 12 LastLast

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •