HPE Community
Operating System - HP-UX
1752587 Members
4116 Online
108788 Solutions
New Discussion юеВ

Re: How does ssh server know I am from ipX, when my client has 4 ip addresses?

 
SOLVED
Go to solution
Steve Post
Trusted Contributor

тАО07-13-2010 10:05 AM

тАО07-13-2010 10:05 AM

How does ssh server know I am from ipX, when my client has 4 ip addresses?

I'm sure this must have been talked about somewhere. I can't find it.

I have a client unix box with 4 ip addresses. 1.2.3.101, through 1.2.3.104. These 3 are virtual ip addresses: 1.2.3.102, 1.2.3,103, and 1.2.3.104.
And I have the original, main ip address: 1.2.3.101.

I ssh from there into an adjacent unix box at 1.2.3.50.
Does the ssh server on box 1.2.3.50 see me coming in from ip address 101, 102, 103, or 104?
How do I know?

Now what if it is telnet instead of ssh? or ftp, sftp, or ....some other network service.
0 Kudos
Reply
3 REPLIES 3
Patrick Wallek
Honored Contributor

тАО07-13-2010 10:36 AM

тАО07-13-2010 10:36 AM

Re: How does ssh server know I am from ipX, when my client has 4 ip addresses?

I **think** outgoing connections will always use the base NIC address as the source address.

I just ssh'd from a server with a config similar to yours. The address that shows on the remote server is the base address of the NIC (1.2.3.101 in your example).
Reply
Matti_Kurkela
Honored Contributor

тАО07-13-2010 11:22 AM

тАО07-13-2010 11:22 AM

Solution

Re: How does ssh server know I am from ipX, when my client has 4 ip addresses?

If the client application does not require a specific source IP address, the OS of the client box will decide the source IP. As Patrick said, the default choice is usually the main IP address of the appropriate interface. This is because the OS usually makes the choice by looking at the IP routing table.

The routing table is ordered to put the most specific route first, so the OS just picks the first route whose destination/mask pair includes the destination IP, and uses the interface associated with that route. The sorting algorithm puts the "main" address of a NIC before its aliases if they both belong to the same IP segment... so usually, you'll get the main IP as the source address of your outgoing connection.

This document might be helpful:
http://mayoxide.com/presentations/Understanding_hpux_routing.pdf

(Pages 6 - 7 describe how you can use the routing table to select the source IP address, if your client application does not have an option for selecting it. But using the routing table for that has some side effects: read carefully before implementing.)

Many applications don't offer the option of choosing the source IP address. But the SSH suite does:

ssh -b 1.2.3.104 steve@1.2.3.50
sftp -oBindAddress=1.2.3.104 steve@1.2.3.50
scp -oBindAddress=1.2.3.104 /etc/hosts steve@1.2.3.50:/tmp

MK
MK
Reply
Steve Post
Trusted Contributor

тАО07-14-2010 04:35 AM

тАО07-14-2010 04:35 AM

Re: How does ssh server know I am from ipX, when my client has 4 ip addresses?

Thanks. I think the routing table will be my plan B. That document looks great though.

I have had a problem getting a ssh connection for file transfers over a high speed network crossover cable. This bind option to ssh should solve it.

Go figure. Ask one question get TWO solutions!
0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.