Cannot ssh out of NN to another machine on my LAN. Other direction works fine.

David Kuehling dvdkhlng at gmx.de
Sat Sep 15 19:07:52 EDT 2012


Hi Delbert,

>>>>> "Delbert" == Delbert Franz <ddf at sonic.net> writes:
[..] 
> I then did some fiddling with updating the authorized_keys files on
> both computers but that made no difference.  Then, I noticed something
> that I had overlooked: when I pinged from the NN to my other LAN
> machines, the IP addresses were wrong.  They were all WAN addresses.
> Then my foggy grey matter recalled: "I have seen this before!" There
> is a problem with DNS in the /etc/config/network file!

[..]
> Notice that the active "option dns" line has two IP's: first a local
> DNS for my LAN and second a global DNS, opendns, for when I am not
> connected in my office.
 
> Under VERSION: 2011-08-27, DNS IP's would be accessed in order from
> left to right.  So, if I was in my office, 192.168.1.1 would give the
> proper addresses on my LAN.  Outside my office, 192.168.1.1, would
> fail to know anything about the machines on my LAN, and 208.67.222.222
> would be used.

> Here is the part that I overlooked earlier, that is, every one of my
> machine names yields a valid WAN address via 208.67.222.222!  One of
> my machines is named "ac" and on the latest image on the NN the above
> "option dns" will get some other machine somewhere in the world!
> Usually when I ping, I don't look at the IP address returned, I just
> look at there being a response.  That appears to be a bad idea.

[..]
> After a bit of trial and error, it appears that just reversing the
> order of the IP addresses in the "option dns" gives me what works in
> the latest image.  So the network file that works for the latest image
> is:

[..]
> Hope this helps some one else, after all the dead ends I encountered.
> The major conclusion is: LOOK at the IP address returned by a PING.
> It just might have a WAN value instead of a LAN value.  I have no idea
> why a two letter machine name makes sense to a global DNS but it
> apparently does:-)

Nice to see that you were able to solve your problems.  It still leaves
me startled as to why it's actually working for you :)  You're certainly
not using the standard NAT setup described in 

  http://en.qi-hardware.com/wiki/Ethernet_over_USB

Because with NAT you won't be able to SSH into your NanoNote from other
machines on your LAN.

However, without NAT, your other LAN machines would have to be aware of
the network having two routers; (1) the internet gateway and (2) the
machine that the NanoNote is connected to via USB.  Or do you somehow
connect the NN directly to a USB-enabled router?  

Just being curious.  I would have used a eth0-to-usb0 ethernet bridging
setup for simplicity, but never heard of anyone here who tried to make
that work.

cheers,

David
-- 
GnuPG public key: http://dvdkhlng.users.sourceforge.net/dk.gpg
Fingerprint: B17A DC95 D293 657B 4205  D016 7DEF 5323 C174 7D40
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 197 bytes
Desc: not available
URL: <http://lists.en.qi-hardware.com/pipermail/discussion/attachments/20120916/09648ed1/attachment.pgp>


More information about the discussion mailing list


interactive