openssh 2.1.1p4-1: port number data in known_hosts: suggestion
E. Jay Berkenbilt
ejb at ql.org
Mon Aug 7 11:24:04 EST 2000
> Do people think this is an idea worth implementing? Does someone know
> of some other way to achieve my desired functionality under the
> existing implementation? I know I could do this using ProxyCommand by
> having some program that copies stdin <-> host/port, but that
> unfortunately requires the extra overhead of an external program
> passing all the data in both directions...
To answer my own question, I figured out a way to achieve my
goal.... I added (lines like) the following to /etc/ssh/ssh_config or
~/.ssh/config on hosts outside the firewall

  Host inside1
    HostName name.of.my.firewall
    Port 221
    UserKnownHostsFile ~/.ssh/inside1

  Host inside2
    HostName name.of.my.firewall
    Port 222
    UserKnownHostsFile ~/.ssh/inside2

Then ssh inside1 and ssh inside2 use different known_hosts files and I
don't have a problem. I can also not put those lines on the machines
inside the firewall so I can use identical configurations
everywhere.....
I still think my suggested fix is a reasonable idea, but my incentive
to implement it has mostly disappeared. :-)
--
E. Jay Berkenbilt (ejb at ql.org) | http://www.ql.org/q/
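
Added example, not part of the original message and not OpenSSH code: a small check that reads an ssh_config and reports Host entries that reach the same HostName on different ports while sharing one known_hosts file, which is the situation the workaround above avoids. It assumes known_hosts entries are keyed by host name without the port, as the post describes for 2.1.1p4; the entries inside3 and inside4 and the function names are hypothetical.

```python
from collections import defaultdict

# Constructed sample: the post's entries plus two that omit the workaround.
SAMPLE_CONFIG = """\
Host inside1
    HostName name.of.my.firewall
    Port 221
    UserKnownHostsFile ~/.ssh/inside1
Host inside2
    HostName name.of.my.firewall
    Port 222
    UserKnownHostsFile ~/.ssh/inside2
Host inside3
    HostName name.of.my.firewall
    Port 223
Host inside4
    HostName name.of.my.firewall
    Port 224
"""

def parse_hosts(text):
    """Map each Host alias to its options (Match, Include, wildcards not handled)."""
    hosts, current = {}, None
    for raw in text.splitlines():
        parts = raw.strip().replace("=", " ", 1).split(None, 1)
        if len(parts) != 2 or parts[0].startswith("#"):
            continue
        key, value = parts[0].lower(), parts[1].strip()
        if key == "host":
            current = {}
            for alias in value.split():
                hosts[alias] = current
        elif current is not None:
            current.setdefault(key, value)  # ssh keeps the first value it reads
    return hosts

def find_collisions(text):
    """Aliases reaching one HostName on different ports via one known_hosts file."""
    groups = defaultdict(dict)
    for alias, opts in parse_hosts(text).items():
        target = opts.get("hostname", alias).lower()
        store = opts.get("userknownhostsfile", "~/.ssh/known_hosts")
        groups[(target, store)][alias] = opts.get("port", "22")
    return [(t, s, sorted(p)) for (t, s), p in sorted(groups.items())
            if len(set(p.values())) > 1]

if __name__ == "__main__":
    for target, store, aliases in find_collisions(SAMPLE_CONFIG):
        print(f"{target}: {', '.join(aliases)} share {store}")
```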