At 02:59 PM 1/24/2004 +0800, Jimmy Lu wrote:
Hi ALL,

I am using Bering v1.2 and want to remotely access hosts in the private loc
and dmz.
I have a single public dynamic IP address to my firewall which is
mydomain.dyns.cx.
I added the following in /etc/shorewall/rules to try it out:
   ACTION   SOURCE   DESTINATION          PROTOCOL   PORT
   DNAT     net      dmz:192.168.2.1:22   tcp        1022
When I issued "ssh mydomain.dyns.cx -p 1022" from my Linux computer outside
of the firewall, I got the following errors:
   WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED!
   It is possible that the RSA host key has just been changed.
I know what has happened.  The "ssh command" was forwarded to the private
host-192.168.2.1 and the host passed its RSA host key to my computer.  My
computer thinks it is from my firewall-mydomain.dyns.cx but it has a different
RSA host key in the key database.  If I issued "ssh mydomain.dyns.cx"
without "-p 1022", I can log in to my firewall with no error.

Please point me to how to remotely access hosts behind the firewall.
Thanks & regards,
Jimmy

I don't *quite* understand what you are asking.


You are not getting an "error" when you try to connect. You are getting a "WARNING", just like it says on the first line you quote. The warning, issued by the ssh client involved in the connection, is that the host you are trying to connect to is different from the one you used to connect to. That's true; you just changed it from the firewall itself to the internal host.

Normally this warning is followed by a message that says something like "connect anyway?". Tell it yes -- since you know that the change of key is legit, not (say) a clumsy man-in-the-middle attack, and the connection should go through (and you should not get this message on subsequent attempts).

If I've misunderstood your question, please accept my apology.
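
An added example, not part of the original thread: a small Python model of the host key lookup discussed above. It shows why a client that files keys under the host name alone reports a changed key for the forwarded port, and how a port-qualified known_hosts name keeps the firewall's key and the DMZ host's key apart. The "[host]:port" naming is the one current OpenSSH uses; the key blobs are constructed stand-ins and the function names are hypothetical.

```python
import base64
import hashlib

def known_hosts_name(host, port=22):
    # OpenSSH stores a bare name for port 22 and "[host]:port" for any other port.
    return host if port == 22 else f"[{host}]:{port}"

def fingerprint(blob_b64):
    # SHA256 fingerprint in the form printed by `ssh-keygen -lf`.
    digest = hashlib.sha256(base64.b64decode(blob_b64)).digest()
    return "SHA256:" + base64.b64encode(digest).decode().rstrip("=")

def parse_known_hosts(text):
    # Map each plain host name to {keytype: blob}; hashed and marker lines are skipped.
    db = {}
    for line in text.splitlines():
        fields = line.split()
        if len(fields) < 3 or fields[0][0] in "#|@":
            continue
        for name in fields[0].split(","):
            db.setdefault(name, {})[fields[1]] = fields[2]
    return db

def check(db, name, keytype, blob_b64):
    # "unknown": no stored key; "match": same key; "changed": different key on file.
    stored = db.get(name, {}).get(keytype)
    if stored is None:
        return "unknown"
    return "match" if stored == blob_b64 else "changed"

# Constructed stand-ins for the two hosts' public key blobs (not real keys).
FIREWALL_KEY = base64.b64encode(b"constructed firewall host key").decode()
DMZ_KEY = base64.b64encode(b"constructed 192.168.2.1 host key").decode()
HOST = "mydomain.dyns.cx"

def demo():
    db = parse_known_hosts(f"# constructed known_hosts\n{HOST} ssh-rsa {FIREWALL_KEY}\n")
    by_name_only = check(db, HOST, "ssh-rsa", DMZ_KEY)  # port ignored, as in the thread
    by_port = check(db, known_hosts_name(HOST, 1022), "ssh-rsa", DMZ_KEY)
    # Pin the DMZ key only after its fingerprint matches one read on 192.168.2.1 itself.
    pinned = f"{HOST} ssh-rsa {FIREWALL_KEY}\n[{HOST}]:1022 ssh-rsa {DMZ_KEY}\n"
    db2 = parse_known_hosts(pinned)
    after = (check(db2, HOST, "ssh-rsa", FIREWALL_KEY),
             check(db2, known_hosts_name(HOST, 1022), "ssh-rsa", DMZ_KEY))
    return by_name_only, by_port, after

if __name__ == "__main__":
    print(demo(), fingerprint(DMZ_KEY))
```

On a client that files keys by name only, the ssh_config option HostKeyAlias gives the forwarded port its own known_hosts entry.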





leaf-user mailing list: [EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user
SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
