[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: Effect on ssh of altering target's assigned ip address



On 22Apr2009 17:51, Dave Feustel <dfeustel mindspring com> wrote:
| On Wed, Apr 22, 2009 at 05:08:15PM -0430, Patrick O'Callaghan wrote:
| > On Wed, 2009-04-22 at 17:16 -0400, Dave Feustel wrote:
| > > After getting ssh to work, I altered the ip addresses of my computers.
| > 
| > How? What exactly did you do? Are these addresses static or assigned by
| > a DHCP server?
| 
| All my local net addresses are assigned by dhcpd running on the
| firewall.
|  
| > > Now ssh doesn't work and neither does ping, apparently (in the case of
| > > ping) because my switch doesn't forget ip addresses even after poweroff.
| > 
| > Why do you think there's a problem with ssh if you can't use ping? In
| > most cases if ping doesn't work, nothing works, assuming pings aren't
| > being filtered on the way to or from the target. "traceroute <target>"
| > can be helpful here.
| 
| The problem with ping was a result of my switch getting confused after
| I changed the ip addresses. I've gotten everything working again by
| going back to the original address assignment and removing power from
| the switch to make the switch forget address-port associations.

It may not be the switch. If the two machines are on the same network,
the machines' own ARP tables will remember the old IP<->MAC mapping,
though that should time out and refresh after about 30s. Unless the
switch is doing layer 3 switching (direct IP based routing instead of
MAC based routing).

| So does a change of IP address for an ssh target affect the way ssh works?
|  
| > You might also try "arp" to see if the IP<->MAC mapping is correct.

"arp -an" is the fast incantion to test.

Ssh keeps a ~/.ssh/known_hosts file that logs host keys and IP addresses
and host names in order to detect when things change (i.e. to check if
an imposter has arrived).

We would need to see the output of "ssh -v .....", but you should fix
ping first. If ping doesn't work, ssh almost certainly won't, and for
reasons having nothing to do with ssh itself.

Cheers,
-- 
Cameron Simpson <cs zip com au> DoD#743
http://www.cskk.ezoshosting.com/cs/

We should forget about small efficiencies, say about 97% of the time:
premature optimization is the root of all evil. - Donald Knuth


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]