...making Linux just a little more fun!
[ In reference to "Who is using your Network?" in LG#141 ]
Ramanathan Muthaiah [rus.cahimb at gmail.com]
How would this be possible in computers running on leased IP addresses via DHCP?
Section 3 Secure Shell
. . . . . . . . . . . .
The simplest way to do this is to go to each computer and copy these files to a USB stick:
    cp /etc/ssh/ssh_host_rsa_key.pub /media/usb/<ip_addr>.rsa.pub
    cp /etc/ssh/ssh_host_dsa_key.pub /media/usb/<ip_addr>.dsa.pub
. . . . . .
Kapil Hari Paranjape [kapil at imsc.res.in]
On Tue, 07 Aug 2007, Ramanathan Muthaiah wrote:
> How would this be possible in computers running on leased IP addresses
> via DHCP ?
>
> Section 3 Secure Shell
>
> . . . . . .
> . . . . . .
>
> The simplest way to do this is to go to each computer and copy these
> files to a USB stick:
>
> cp /etc/ssh/ssh_host_rsa_key.pub /media/usb/<ip_addr>.rsa.pub
> cp /etc/ssh/ssh_host_dsa_key.pub /media/usb/<ip_addr>.dsa.pub
>
> . . . . . .
The IP address is just one way to label the data. So one could do
    On Abdul: cp /etc/ssh/ssh_host_rsa_key.pub /media/usb/Abdul.rsa.pub
    On Chin:  cp /etc/ssh/ssh_host_rsa_key.pub /media/usb/Chin.rsa.pub

You then create the known_hosts files as before, except the keys get labelled by names instead of IP addresses.
1. You need to find all the hosts (via IP addresses) on the network which are running SSH servers. One way is for all of the good guys to run a service announcement like Avahi/Bonjour. The other way is for the client to run a non-aggressive portscan on the network. Another is to just try all hosts on the subnet!
2. Abdul then runs through each such IP looking for Chin (you could order this list going to more likely addresses first):
    # Try each candidate address until one presents the key stored as "Chin"
    for i in $(cat list_of_ips)
    do
        if (ssh -f -N -o HostKeyAlias=Chin -D 1080 "$i")
        then
            break
        fi
    done

3. The connection is then set up until the DHCP lease expires, at which point one needs to do this again.
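Added example, not part of the original thread or article: one way to turn the name-labelled key files into known_hosts lines and then find which leased address currently presents Chin's key. The function names, the SSH override variable and the known_hosts.names path are assumptions made for illustration; key-based login to the target is assumed to work already.

```shell
#!/bin/sh
# Added example (constructed): name-labelled host keys for DHCP clients.
SSH=${SSH:-ssh}   # overridable so the loop can be exercised without a network

# build_known_hosts DIR
# Turn DIR/<name>.rsa.pub and DIR/<name>.dsa.pub (the files copied to the USB
# stick) into known_hosts lines: "<name> <keytype> <base64key>".
build_known_hosts() {
    for f in "$1"/*.rsa.pub "$1"/*.dsa.pub; do
        [ -f "$f" ] || continue          # glob matched nothing
        name=$(basename "$f")
        name=${name%.*.pub}              # Abdul.rsa.pub -> Abdul
        # A .pub file holds "<keytype> <base64key> [comment]"; drop the comment.
        while read -r keytype key comment; do
            if [ -n "$key" ]; then
                printf '%s %s %s\n' "$name" "$keytype" "$key"
            fi
        done < "$f"
    done
}

# find_host NAME KNOWN_HOSTS IP...
# Print the first address whose host key matches the key stored under NAME.
# StrictHostKeyChecking=yes makes ssh refuse an address that presents a
# different or unknown key; BatchMode=yes stops it from prompting.
# Assumes key-based login to the target already works for this user.
find_host() {
    name=$1
    known=$2
    shift 2
    for ip in "$@"; do
        if "$SSH" -n -o BatchMode=yes -o ConnectTimeout=5 \
                -o HostKeyAlias="$name" -o StrictHostKeyChecking=yes \
                -o UserKnownHostsFile="$known" "$ip" true 2>/dev/null
        then
            printf '%s\n' "$ip"
            return 0
        fi
    done
    return 1
}

# Usage (hypothetical paths):
#   build_known_hosts /media/usb > "$HOME/.ssh/known_hosts.names"
#   ip=$(find_host Chin "$HOME/.ssh/known_hosts.names" $(cat list_of_ips))
```

Without StrictHostKeyChecking=yes, ssh may offer to add an unknown key under the alias, which would defeat the comparison against the key collected on the USB stick.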