Dealing with roaming machines

Dan Kaminsky dan at doxpara.com
Tue Dec 23 00:47:52 EST 2014


Generally the way people manage mobility like this is to have a client on
the mobile device that updates the DNS entry, which otherwise has a small
TTL.  The laptop is in the position to have onwakeup events, to interrogate
its environment, and to make the required changes. There's any number of
ways to implement this, from Dynamic DNS to scripted ssh into a name server
to some funky "if this then that" Node thing.

On Monday, December 22, 2014, martin f krafft <madduck at madduck.net> wrote:

> Hey folks,
>
> As most of everyone, I use OpenSSH for almost everything and
> whenever I can: backups, sync, Git, configuration management, and of
> course console sessions. So much for an intro ;)
>
> My laptop and I roam between three networks, though sometimes
> I leave the laptop at the office overnight, or hop over to the third
> site for an hour or two.
>
> I'd like to find a way to configure OpenSSH (or Linux in general) to
> try the other networks if the machine cannot be found locally.
> Unfortunately, DNS "search" in /etc/resolv.conf and
> CanonicalizeHostname in ssh_config both don't work since they only
> iterate the network DNS zones until a record is found, and my laptop
> has an entry in all three zones.
>
> Short of creating a single DNS entry and adding all possible IPs for
> my laptop, I am wondering if there's a way to configure OpenSSH
> (or Linux) to try multiple DNS names until a connection can be
> made. For extra bonus special points, this should obviously happen
> all at once to reduce wait times.
>
> Assuming that this isn't currently possible — I did search and
> investigate — would this be a worthwhile feature to look into?
>
> Thanks,
>
> --
> @martinkrafft | http://madduck.net/ | http://two.sentenc.es/
>
> for years, we have thought that a million monkeys typing at a million
> typewriters would eventually produce the complete works of shakespeare.
> today, thanks to the internet, we know this is not true.
>
> spamtraps: madduck.bogus at madduck.net <javascript:;>
>


More information about the openssh-unix-dev mailing list