To give as much detail as possible, I am doing a Pentest for a client that has quite a few "terminal systems" meaning that they are simply a box with a connection back to the main server. These systems are at a different location than the main server, so if connection is interrupted than critical business functions may be stopped, and my contract is not such that I can fix it. (My contract simply waives all liability allowed under law from me). All locations are on the same VLAN as each other with only 1 line leaving through the main office.
Now with this topology, some of these systems have ssh servers installed onto them so the main office can connect to this remote office. They are fairly well locked down but from some other non critical systems I was able to recover some passwords and usernames including a previous sys admin that retired a few months ago. Every time I go to connect to the ssh server I receive a connection refused. I have determined that the sole connection to it is from a specific IP Address.
Is it possible to spoof my IP Address and mac address to trick this ssh server into at least letting me try to log in? However if I do this would I kick off the current computer and possibly disrupt traffic from it AND from the terminal (with ssh server) to the main server?
The only article on here that I found was Spoof another IP address in the same network,will the spoofing source get the response? and it didn't provide the specific answer I needed. I am more worried able keeping the services up rather than proving an attacker could log in. I could simple provide a redacted version of the user/password list and the method of IP spoofing (assuming this could work).