vserver development mailing list: Re: [vserver] sshd configuration

From: Andrei Morgan <asm_at_fifthhorseman.net>
Date: Wed 12 Sep 2007 - 12:08:54 BST
Message-ID: <46E7C8C6.1020900@fifthhorseman.net>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

roymathew@bellsouth.net wrote:
> Hi folks,
>
> I got sshd configured and it seems to be working correctly in my
> vserver. I can ssh from host->VPS and and VPS->host
>
> -------------------- hosts sshd_config --------------------
> ListenAddress 192.168.1.100 # external address
> ListenAddress 10.1.1.1 # host dummy0 address
> ListenAddress 127.0.0.1 # so I can use localhost
>
> -------------------- guests sshd_config --------------------
> ListenAddress 10.1.1.2 # VPS dummy0 address
> ListenAddress 127.0.0.1 # so I can use localhost
>
> My questions:
>
> 1. Is it ok to have multiple ListenAddress directives per VPS.

i think so, as long as those ips correspond to the vserver

> 2. I assume that the same address cannot be used in more than one
> sshd_config (ie: host and guest cannot have the same IP specified, and
> that 127.0.0.1 is the only exception to this rule). Correct?

my understanding is 127.0.0.1 is reserved for the host system only and
is not virtualised for the guests - but i haven't followed recent
developments on this list so i may be wrong.

> 3. When I try to ssh from another machine on the same subnet to 192.168.1.100, I get:
> The authenticity of host '192.168.1.100 (192.168.1.100)' can't be established.
> RSA key fingerprint is 10:84:de:66:9d:fb:83:fd:12:ce:7d:b8:dc:c3:68:cd.
> Are you sure you want to continue connecting (yes/no)? yes
> Warning: Permanently added '192.168.1.100' (RSA) to the list of known hosts.
> Connection closed by 192.168.1.100
> ie: a timeout, it appears. What gives?

try 'ssh -vv' for more information.

--asm
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)

iQIVAwUBRufIxZDvlCN+cBEyAQJVYQ/9Hk0jKFoJY0tZtqE1Y6L97GkWs4GLbBFy
jb7jba70rQ0HdPs8GyFHRyrk5HdMgvHeUembohpKBLpNjD7/jiyIUo7ahJmBML6T
q8sg9W0qMk/sDeHTdAbDeO0ilBckBVxeauOTMPnyWlUpt/LjI4t1sUjElmUqEQ32
UM6r2pgJLyhZb3Z9wSRPCj6Cwz6kBtd7bxMzd6sMQwWUvly4M6Rwnmz9DvuPtpxW
vAB5k9HGoGOP6kCy8/fWmkCHl+yRjVio6XcqLbLOErbdNU6nrsmqJMFzQJx/piNB
kkRiadg8Gs6Xhpkeeqgqbs02RRAa/UuyLssI5xg7TX7rnJP3Tpq4uyr+JF99BOnB
fCic6BaAMBiOj3MAo0dycFVasbwMh4ldoHY9OGkuCSeUJqBxgzWNNZCOepDHVr7Y
RIEn3YZZqi1yTOr1OZNV1rz33cdsQq0rYu8CLxxx0Sem9R7bymIETomxwL3fkh23
oz874TvV6OshoDRtPZr39KcPPOBAIXk28Nrd1BsAewrHd46oC3RqQz9j9uZEhVf6
l8hG8CsojizFfPjdS4XhrByZlc8VeZLiOSUVNIoetZ68sI0zP2xv+p06SzXySMbP
ycV6hNfqfdkoIT96rn3XGQ2gjYXhAnywbVFFJa2B/nt4nGazmaCWtaKttfYYIba4
c3RGt9XOfB4=
=KEl1
-----END PGP SIGNATURE-----
Received on Wed Sep 12 12:09:22 2007