SSH login on the same IP address but different OS?

ssh

There are several potential solutions.

The easiest solution is the one davidgo proposed in his answer, which, as he mentions, leaves you open to a MitM attack (unlikely, but it's good to practice good security even in private situations).

  Host 192.168.5.163
      StrictHostKeyChecking no
      UserKnownHostsFile /dev/null

A slightly better solution would be, as Eugen Rieck proposed, to synchronize the /etc/ssh/ssh_host_*key* files between both target OS systems.

A more reliable method would be to specifically decide which OS to connect to, so you do get an error if you connect to the wrong OS. That would for example allow scripts using ssh to fail if they target the wrong OS.
You can do that by using effectively an Alias in the ~/.ssh/ssh_config.

Host raspbian-pi
  Hostname 192.168.5.163
  UserKnownHostsFile ~/.ssh/known_hosts_raspbian

Host centos-pi
  Hostname 192.168.5.163
  UserKnownHostsFile ~/.ssh/known_hosts_centos

You can then connect with ssh <your_user>@raspbian-pi to retrieve the Raspbian OS key, then switch to CentOS on your Raspberry Pi, do the same with ssh <your_user>@centos-pi to get the CentOS key. Then, in the future, whenever you connect to the wrong OS, you will get the host key error. Make sure to use the correct OS the first time you use the SSH command, so you don't accidentally store the CentOS host key in the Raspbian known hosts file.

Disclaimer: I've never used this solution and I'm not in a position to test it, but it should work correctly from my understanding and the documentation of ssh.


You can fix the immediate problem by following the instruction in the error (you must do this each time you switch boxes) -

ssh-keygen -f "/home/joedoe/.ssh/known_hosts" -R "192.168.5.163"

The problem you are running into is that your computer has detected that the system its logging into is different to the one previously seen, and the warning is there to prevent man-in-the-middle attacks.

There are a number of ways of dealing with this properly. They include:

  1. Setting up names for each box in /etc/hosts and then referring to the SSH connection by name rather than IP. In this way SSH will associate different server fingerprints with each name.

  2. Ignoring the check (this opens you up to mitm attacks so only do it if you understand and are comfortable with the risks.) You can ignore this check with by adding -o UserKnownHostsFile=/dev/null to your ssh command or -o StrictHostKeyChecking=no

    2a. You can create a config that only ignores the key check for the one IP by putting the following into ~/.ssh/config

    Host 192.168.5.163 StrictHostKeyChecking no UserKnownHostsFile=/dev/null

  3. I wouldn't advise it unless the machines fill the same role, but you could make the host keys in /etc/ssh the same on both servers (and restart sshd on the one you changed). In this way both servers will appear the same to the client.


The easiest way to do this ist to copy /etc/ssh/ssh_host_*_key* from one installation to the other - this will give both OSes the same host keys and thus the fingerprint.


Another option is to give each OS a different IP address. They get the same one now because the DHCP server sees the same MAC address. So you could configure one install to use a static IP address.

I would follow Eugen's suggestion though - that simplifies things. Or get a second Pi and run both machines at once.

Related

RSA SecurID Sofware Token application window not visible after screen configuration change
Does SQL Server Offer Anything Like MySQL's ON DUPLICATE KEY UPDATE
Android java.lang.VerifyError?
How to execute a java .class from the command line
Does a valid XML file require an XML declaration?
Is there a generic constructor with parameter constraint in C#?
ggplot, facet, piechart: placing text in the middle of pie chart slices
How to update UI from another thread running in another class
Finding a key recursively in a dictionary
Generic arrays in Java
Finding line-wraps
MongoDB Query Help - query on values of any key in a sub-object