SSH working by IP but not by name

General context:

I have a server with several LXD containers, with HAProxy on top to redirect traffic to the right container depending on the URL given.

The container in question is gitlab.

Main server

Port 22 is open

```
server# iptables -L -n |grep 22
ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0            tcp dpt:22
ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0            tcp dpt:22

server# netstat -plnt | grep 22
tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN      2536/sshd
tcp6       0      0 :::22                   :::*                    LISTEN      2536/sshd
```

Gitlab server configuration

```
gitlab# cat /etc/hosts
127.0.0.1       gitlab.pub-domain.com gitlab
127.0.0.1       localhost
127.0.1.1       s-302-gitlab # machine name
::1             localhost ip6-localhost ip6-loopback
ff02::1         ip6-allnodes
ff02::2         ip6-allrouters

gitlab# cat /etc/resolv.conf
search pub-domain.com
search priv-domain.ovh
nameserver 8.8.8.8

# netstat -tulpn | grep 22
tcp        0      0 127.0.0.1:9229          0.0.0.0:*               LISTEN      583/gitlab-workhors
tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN      5094/sshd
tcp6       0      0 :::22                   :::*                    LISTEN      5094/ssh
```

Ping everything

Launched in the gitlab container, and it works:

```
gitlab# # ssh -T https://[email protected]
https://[email protected]'s password:
gitlab# ssh -T https://[email protected]
https://[email protected]'s password:
```

Now go to another machine (let's say server, to make it simple) and ping:

```
server# ping pub-domain.com
PING pub-domain.com (31.7.xx.yy) 56(84) bytes of data.
64 bytes from 31.7.xx.yy (31.7.xx.yy): icmp_seq=1 ttl=64 time=0.588 ms
--- pub-domain.com ping statistics ---
1 packets transmitted, 1 received, 0% packet loss, time 0ms

server# ping gitlab.pub-domain.com
PING pub-domain.com (31.7.xx.yy) 56(84) bytes of data.
64 bytes from 31.7.xx.yy (31.7.xx.yy): icmp_seq=1 ttl=64 time=0.588 ms
--- pub-domain.com ping statistics ---
1 packets transmitted, 1 received, 0% packet loss, time 0ms
```

SSH

```
server# ssh git@s-302-gitlab
ssh: connect to host s-302-gitlab port 22: Connection refused
server# ssh -T https://[email protected]
ssh: connect to host gitlab.pub-domain.com port 22: Connection refused
server# ssh -T [email protected]
The authenticity of host '192.168.3.200 (192.168.3.200)' can't be established.
ECDSA key fingerprint is SHA256:Pe2vY/8GyG3o6ZkDErTN8Ko+k9veJA9S4wnHvQXSYJk.
Are you sure you want to continue connecting (yes/no)?
```

Any idea why I can connect only using IP and not the domain/URL?

Responding to comments

```
# dig +short s-302-gitlab
# dig +short gitlab.pub-domain.com
pub-domain.com.
31.7.xx.yy
```

Thanks,

digijay
On `server`, what's the output of `dig +short s-302-gitlab`? Try the same for `gitlab.pub-domain.com`.
@digijay: first one nothing, second one pub-domain and external IP. See my edit in original post.
anx
You can add the `-v` option to your ssh call multiple times to increase verbosity. Then ssh will tell you, more specifically, which connection was refused. By the way, your user name is probably a mistake. Usually `https://` would denote a connection that uses HTTP, whereas ssh user names generally do not contain slashes or colons.
Michael Hampton
`s-302-gitlab` is defined in your `/etc/hosts` file. What IP address did you expect it to have? Because you immediately then tried to ssh to `192.168.3.200` which is not the same IP address.
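
The checks the comments above point to, combined into one added example (not part of the original thread): it shows which address each name actually maps to and whether that address accepts TCP port 22. The function names are hypothetical, and the hosts text is a constructed copy of the container's `/etc/hosts` from the question.

```python
import ipaddress
import socket

# Constructed sample: the /etc/hosts shown for the gitlab container in the question.
GITLAB_HOSTS = """\
127.0.0.1       gitlab.pub-domain.com gitlab
127.0.0.1       localhost
127.0.1.1       s-302-gitlab # machine name
::1             localhost ip6-localhost ip6-loopback
"""

def parse_hosts(text):
    """Map each name in hosts-file text to its address (first entry wins)."""
    table = {}
    for line in text.splitlines():
        fields = line.split("#", 1)[0].split()  # drop comments, split columns
        for name in fields[1:]:
            table.setdefault(name.lower(), fields[0])
    return table

def only_local(addr):
    """True for loopback addresses, which only mean something on the host itself."""
    return ipaddress.ip_address(addr).is_loopback

def probe(addr, port=22, timeout=3.0):
    """Attempt a TCP connect and classify the outcome the way ssh reports it."""
    try:
        with socket.create_connection((addr, port), timeout=timeout):
            return "open"
    except ConnectionRefusedError:
        return "refused"
    except socket.timeout:
        return "timeout"
    except OSError as exc:
        return f"error: {exc.strerror or exc}"

def diagnose(name, port=22):
    """Resolve a name with the local resolver, then probe every address returned."""
    try:
        infos = socket.getaddrinfo(name, port, type=socket.SOCK_STREAM)
    except socket.gaierror as exc:
        return [(name, None, f"unresolved: {exc}")]
    addrs = sorted({info[4][0] for info in infos})
    return [(name, addr, probe(addr, port)) for addr in addrs]

if __name__ == "__main__":
    for target in ("s-302-gitlab", "gitlab.pub-domain.com", "192.168.3.200"):
        for row in diagnose(target):
            print(*row)
```

Run on `server`, the output lists one row per resolved address, so a refused connection can be tied to a specific IP rather than to the name.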