Tux

...making Linux just a little more fun!

Talkback:141/kapil.html

[ In reference to "Who is using your Network?" in LG#141 ]

Ramanathan Muthaiah [rus.cahimb at gmail.com]


Tue, 7 Aug 2007 06:37:56 +0530

Hi,

How would this be possible in computers running on leased IP addresses via DHCP ?

Section 3 Secure Shell

. . . . . . . . . . . .

The simplest way to do this is to go to each computer and copy these files to a USB stick:

   cp /etc/ssh/ssh_host_rsa_key.pub /media/usb/<ip_addr>.rsa.pub
   cp /etc/ssh/ssh_host_dsa_key.pub /media/usb/<ip_addr>.dsa.pub
. . . . . .

/Ram


Top    Back


Kapil Hari Paranjape [kapil at imsc.res.in]


Sat, 11 Aug 2007 09:46:54 +0530

Hello,

On Tue, 07 Aug 2007, Ramanathan Muthaiah wrote:

> How would this be possible in computers running on leased IP addresses
> via DHCP ?
> 
> Section 3 Secure Shell
> 
> . . . . . .
> . . . . . .
> 
> The simplest way to do this is to go to each computer and copy these
> files to a USB stick:
> 
>    cp /etc/ssh/ssh_host_rsa_key.pub /media/usb/<ip_addr>.rsa.pub
>    cp /etc/ssh/ssh_host_dsa_key.pub /media/usb/<ip_addr>.dsa.pub
> 
> . . . . . .

The IP address is just one way to label the data. So one could do

	On Abdul:
		cp /etc/ssh/ssh_host_rsa_key.pub /media/usb/Abdul.rsa.pub
	On Chin:
		cp /etc/ssh/ssh_host_rsa_key.pub /media/usb/Chin.rsa.pub
You then create the known_host files as before except the keys get labelled by names instead of IP addresses.

1. You need to find all the hosts (via IP addresses) on the network which are running SSH servers. One way is for all of the good guys to run service announcement like Avahi/Bounjour. The other way is for the client to run a non-aggressive portscan on the network. Another is to just try all hosts on the subnet!

2. Abdul then runs through each such IP looking for Chin (you could order this list going to more likely addresses first):

	for i in $(cat list_of_ips)
	do
		if (ssh -f -N -o HostKeyAlias=Chin -D 1080 $i)
		then
			break
		fi
	done
3. The connection is then setup until the DHCP lease expires at which point one needs to do this again :-(

Regards,

Kapil. --


Top    Back