On Fri, Jun 17, 2011 at 2:00 AM, Dazed_75
<lthielster@gmail.com> wrote:
I tried to ssh from this machine to my laptop (ssh lapdog3) and find that ssh is somehow using an old IP instead of doing name resolution on th e name lapdog2 which now has a new lease on a different IP.
Where did you configure the name to IP address {either}:
dns
/etc/hosts
Sometimes if you are using dyndns or another dynamic dns tool, the ip does update but it can take a few days to propigate throughout the Internet.
Check your /etc/resolv.conf file and see where you are querying for DNS.
/etc/nsswitch.conf determines if you first query files or dns (and nis which few use still in linux). It should say files (for /etc/hosts) first then dns.
1) How do I fix this?
Check to see if you have a key in $HOME/.ssh/known_hosts for your server name or IP.
You can cache a key for either or both servername and IP.
You can turn off strict checking in /etc/ssh/sshd_conf and it won't matter but it's a security feature so only do this for testing.
Also, please post the exact error you are getting so we can verify what the problem is?
2) Why does ssh use an old, apparently, stored IP?
It caches a key for a known host based on strict dns/ip host checking as part of SSH rfc. This is all part of key exchange, to waylay IP spoofing wherein someone could do a MITM attack and pretend to be your server or your host.
--
Dazed_75 a.k.a. Larry
The spirit of resistance to government is so valuable on certain occasions, that I wish it always to be kept alive.
- Thomas Jefferson
---------------------------------------------------
PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us
To subscribe, unsubscribe, or to change your mail settings:
http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss