Unable to Use Hostname to SSH
-
@herb_fargus happy to hear that I'm not the only one :)
@Sano that seems to work! Here's what things look like within my terminal:
So it seems like there's a security concern since, right before I was able to connect using
retropie.local, the terminal asked the following:The authenticity of host 'retropie.local (10.0.0.xxx)' can't be established.
ECDSA key fingerprint is SHA256:+7blah blah blah.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added 'retropie.local' (ECDSA) to the list of known hosts.Not sure at all why that's happening. Also, why is
retropie.localnecessary? I've tried usingretropieafter I remoted in usingretropie.local, but I still wasn't able to. -
@fitchneraubarca You get that message the first time you ssh over to the pi. I've seen that the first time I've logged into any new build.
-
@hurricanefan Darn... Got excited that I saw something new. Well, sounds like I just gotta stick with SSH'ing with
retropie.localfor now. -
@fitchneraubarca
On windows, the .local suffix of mDNS is included in the search domains.
For security reasons, it's no possible on Linux, you have to use the FQDN (and not short names) for mDNS entries.
Even by adding .local to DNS search domains it doesn't work because mDNS resolution doesn't use the DNS resolv.conf file...I did some searching a while ago but didn't find an easy solution aside from changing mdns suffix from .local to something else...
A quick and dirty solution for using the short name is to add an entry in /etc/hosts on your workstation, but this won't follow eventual IP change of your raspberry.
You can also create an alias on your workstation by addingalias retropie="ssh pi@retropie.local"in your ~/.bashrc file. That's what I did. -
@sano so you just enter "retropie" nothing else into the comandline?
-
@drakaen391
Yup !
With key-based ssh authentication, nothing else to type :) -
Thanks @Sano ! My networking understanding isn't quite up to your level. However, I overall understand what you're saying and it all makes sense. At least there's a logical explanation to all of this :) Thanks for all of your (and everyone else's) help on this.
-
@sano said in Unable to Use Hostname to SSH:
With key-based ssh authentication, nothing else to type :)
Only if the key itself has no passphrase, which makes it usable by anyone who gets their hands on it. It also makes it easy to jump systems if the one holding the key is compromised.
I mention this mostly for @FitchnerAuBarca and other ssh newbies. I don't think this is a big security concern in most Retropie use cases, but I think it's worth noting for the sake of completeness, especially for people who are new to the whole concept of key-based authentication. :)
-
@clyde
Yes, you may be careful if your key has no passphrase (that's why it's protected by mandatory and specific access rights on the system).
You may also use a passphrase and an ssh agent to only have to type the passphrase once per user session ;) -
@sano said in Unable to Use Hostname to SSH:
You may also use a passphrase and an ssh agent to only have to type the passphrase once per user session ;)
Correct, I had that in mind but didn't articulate it. Thanks for the addition. :)
Contributions to the project are always appreciated, so if you would like to support us with a donation you can do so here.
Hosting provided by Mythic-Beasts. See the Hosting Information page for more information.