From fedora-list Thu Apr 23 02:15:30 2009 From: Dave Feustel Date: Thu, 23 Apr 2009 02:15:30 +0000 To: fedora-list Subject: Re: Effect on ssh of altering target's assigned ip address Message-Id: <200904230215.n3N2FUUM025924 () mx1 ! redhat ! com> X-MARC-Message: https://marc.info/?l=fedora-list&m=124045296127652 On Thu, Apr 23, 2009 at 11:22:34AM +1000, Cameron Simpson wrote: > On 22Apr2009 17:51, Dave Feustel wrote: > | On Wed, Apr 22, 2009 at 05:08:15PM -0430, Patrick O'Callaghan wrote: > | > On Wed, 2009-04-22 at 17:16 -0400, Dave Feustel wrote: > | > > After getting ssh to work, I altered the ip addresses of my computers. > | > > | > How? What exactly did you do? Are these addresses static or assigned by > | > a DHCP server? > | > | All my local net addresses are assigned by dhcpd running on the > | firewall. > | > | > > Now ssh doesn't work and neither does ping, apparently (in the case of > | > > ping) because my switch doesn't forget ip addresses even after poweroff. > | > > | > Why do you think there's a problem with ssh if you can't use ping? In > | > most cases if ping doesn't work, nothing works, assuming pings aren't > | > being filtered on the way to or from the target. "traceroute " > | > can be helpful here. > | > | The problem with ping was a result of my switch getting confused after > | I changed the ip addresses. I've gotten everything working again by > | going back to the original address assignment and removing power from > | the switch to make the switch forget address-port associations. > > It may not be the switch. If the two machines are on the same network, > the machines' own ARP tables will remember the old IP<->MAC mapping, > though that should time out and refresh after about 30s. Unless the > switch is doing layer 3 switching (direct IP based routing instead of > MAC based routing). Everything seems to be working wrt the switch now. The problem I am now trying to resolve is why the initial windows load via ssh of XMaple takes 1 minute 38 seconds. Every complete repaint of the XMaple window takes approximately the same amount of time. This makes using X11 to run Maple an agonizingly slow process - too slow to put up with. > | So does a change of IP address for an ssh target affect the way ssh works? > | > | > You might also try "arp" to see if the IP<->MAC mapping is correct. > > "arp -an" is the fast incantion to test. ------------------- 2/home/daf}arp -an ? (192.168.6.1) at 00:22:3f:db:f3:90 [ether] on eth0 2/home/daf}ssh -l daf $C4a The authenticity of host '192.168.6.32 (192.168.6.32)' can't be established. RSA key fingerprint is af:6e:39:4a:4f:15:0d:ed:c9:01:06:e5:11:60:66:1c. Are you sure you want to continue connecting (yes/no)? yes Warning: Permanently added '192.168.6.32' (RSA) to the list of known hosts. Password: Last login: Tue Apr 21 12:57:12 2009 from 192.168.3.1 motd 2/home/daf}echo $C4a 192.168.6.32 2/home/daf} ------------------ Note that the ssh session terminated immediately after the successful login. This has happened several times this afternoon and I have no idea why. > Ssh keeps a ~/.ssh/known_hosts file that logs host keys and IP addresses > and host names in order to detect when things change (i.e. to check if > an imposter has arrived). I deleted the known_hosts file to get rid of the entries with obsolete ip addresses. > We would need to see the output of "ssh -v .....", but you should fix > ping first. If ping doesn't work, ssh almost certainly won't, and for > reasons having nothing to do with ssh itself. Ping works fine now. Ssh works. It's just way too slow running XMaple. -- fedora-list mailing list fedora-list@redhat.com To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list Guidelines: http://fedoraproject.org/wiki/Communicate/MailingListGuidelines