About multiple hosts with same hostname
Flavien
flavien-ssh at lebarbe.net
Wed Apr 1 07:47:47 EST 2009
Hi,
Christian Iversen wrote:
> However, when we go to our customers' sites, we often issue commands
> like "ssh user at fw0", which of course gives out endless warnings about
> MITM attacks, and essentially makes host keys worthless on the internal
> customer networks.
>
> It seems somewhat wrong to me. Isn't there some way to make OpenSSH save
> the host key using the FQDN instead of just the local part?
What about a trick like :
$ tail -2 .ssh/config
Host fw0
Hostname fw0.client3.toto.org#CLIENTDOMAIN
$ switch-ssh client2.org
$ tail -2 .ssh/config
Host fw0
Hostname fw0.client2.org#CLIENTDOMAIN
"switch-ssh" can be a script or even an alias in your shell, that
does :
sed -i \
"s/^Hostname *\([^.]*\).*#CLIENTDOMAIN/Hostname \1.$1#CLIENTDOMAIN/" \
.ssh/config
Hope this helps,
Flavien.
More information about the openssh-unix-dev
mailing list