Dealing with roaming machines

Nico Kadel-Garcia nkadel at gmail.com
Sat Dec 27 08:22:40 EST 2014


On Thu, Dec 25, 2014 at 3:20 AM, Bob Proulx <bob at proulx.com> wrote:
> martin f krafft wrote:
>> My laptop and I roam between three networks, though sometimes
>> I leave the laptop at the office overnight, or hop over to the third
>> site for an hour or two.
>>
>> I'd like to find a way to configure OpenSSH (or Linux in general) to
>> try the other networks if the machine cannot be found locally.
>
> I am sure you have already thought of this and didn't prefer it but
> the way I handle this is by using OpenVPN.  My mobile laptop always
> "calls back home" with OpenVPN.  I always access the laptop using the
> VPN address no matter where it is located.
>
> When I ssh it means that the connection is encrypted both by OpenVPN
> and by SSH.  But it is always over WiFi so the performance bottleneck
> is the WiFi and the double encryption is insignificant then.
>
> Having a stable VPN address for the mobile laptop no matter where it
> exists in the network is quite nice.  Also this gives my laptop secure
> access to the private side of my network for all services not just
> ssh.  The solution works well for me.
>
> Good luck!
> Bob

Oh, for pete's sake: just use the FQDN, including the
"laptop.int.domain.com" when the laptop is inside the internal
network, "laptop.ext.domain.com", when it's external, etc., Stop
trying to use the unqualified hostname: extending with search domains
to get and discover all the potential names and try then is really
*not* how DNS was written.

This is underlying DNS behavior in "gethostbyname" or "getaddrinfo" C
library functions, not really SSH behavior.


More information about the openssh-unix-dev mailing list