SSH protocol: 1 IP, 2 domain names, 2 servers

1

Is it possible to have this scenario? (I am not talking about websites or anything related to apache)

Both example1.com and example2.com point to the same IP.

If I ssh to example1.com:22, it goes to server1 on the LAN.
If I ssh to example2.com:22, it goes to server2 on the same LAN.

Both servers are on the same LAN under the same IP, and sshd is running on the same port.

Daniel S

Posted 2013-09-05T14:53:37.573

Reputation: 113

This is done all the time. A single IP address can host dozens of websites. – Ramhound – 2013-09-05T14:55:26.540

Websites, yes, with Apache virtual hosts, but can we have SSH, for example, on port 22? – Daniel S – 2013-09-05T14:56:44.917

Are your servers behind a NAT router? – heavyd – 2013-09-05T15:02:49.390

Yes, they are under a NAT router. – Daniel S – 2013-09-05T15:03:50.353

@punked - Clearly they would have to be on different ports. SSH is SSH; it can be on port 4000 or 22, it does not matter. – Ramhound – 2013-09-05T15:07:52.583

Answers

6

I don't think what you are trying to do is possible.

As far as I know, SSH has no concept of host names on the protocol level, and even if it did, you are talking about connecting to different hosts based on the host name you use to obtain the IP address to connect to, when the IP address obtained is the same and might be obtained with absolutely no involvement even of the example1.com and example2.com name servers, so there's nothing to hook into.

In HTTP/1.1, each request comes with a Host: header the value of which is the domain name as used in the web browser (or other client). This protocol-level data allows the web server to handle requests for different domains, even when they all map to a single IP address. Note that name-based virtual hosting was one of the major improvements in HTTP/1.1 over the original protocol version 1.0.

It might be possible to do something like what you are looking for using SRV DNS records, but I haven't tried it and software support for SRV records is spotty at best. Such a setup will likely be heavily dependent on the client you use to connect, if it can be made to work at all.

However, you can do something kinda-sorta similar on the client side using ~/.ssh/config (assuming OpenSSH; other software should be able to do something similar through other mechanisms) with host aliases and port specifiers. You can then run some sort of proxy (likely NAT or PAT) in front of both hosts and forward connections based on the incoming port number. With a sophisticated enough splitter in front of the hosts, you might be able to do something with port knocking.

a CVn

Posted 2013-09-05T14:53:37.573

Reputation: 26 553

If you have seen this done with Apache, it's because browsers transmit a Host: HTTP header that identifies the domain they are trying to connect to. So the server can serve different pages depending on the incoming Host: header, and Apache supports exactly that. SSH doesn't do this. – LawrenceC – 2013-09-05T15:38:10.817

@ultrasawblade Good point explaining how that works; I have incorporated it into my answer. – a CVn – 2013-09-06T07:22:34.923
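The following is an added example, not code from the thread or from OpenSSH. It makes two points from the answer concrete: why an HTTP/1.1 server can pick a virtual host (the client sends a Host: header) while an SSH server cannot (the identification string both sides exchange carries only a protocol version and a software version, no hostname), and how the client-side workaround looks in practice: one ~/.ssh/config alias per server, each with its own port, and a port-based NAT/PAT rule on the router that forwards each public port to one LAN host. The aliases server1/server2, the ports 2201/2202, the LAN addresses 192.168.1.11/.12 and the SSH_CLIENT_BANNER value are all constructed for the example; the config parser is a simplified model of OpenSSH's "first obtained value wins" rule and ignores negated (!) Host patterns.

```python
import fnmatch
import re

# --- (a) HTTP/1.1: the client names the domain in a Host: header -----------
def http_request(host: str, path: str = "/") -> bytes:
    """Build a minimal HTTP/1.1 request; Host: is mandatory in 1.1."""
    return (f"GET {path} HTTP/1.1\r\n"
            f"Host: {host}\r\n"
            f"Connection: close\r\n\r\n").encode()

def http_host(request: bytes):
    """What a server such as Apache reads to choose the virtual host."""
    head = request.split(b"\r\n\r\n", 1)[0]
    for line in head.split(b"\r\n")[1:]:          # skip the request line
        name, _, value = line.partition(b":")
        if name.strip().lower() == b"host":
            return value.strip().decode()
    return None

# --- (b) SSH: the protocol-level opening carries no hostname ---------------
# RFC 4253 section 4.2: each side starts with "SSH-protoversion-softwareversion".
SSH_CLIENT_BANNER = b"SSH-2.0-OpenSSH_6.2\r\n"     # constructed sample banner

def parse_ssh_banner(banner: bytes) -> dict:
    """Split the identification string into its only two fields.
    There is no field that could carry example1.com or example2.com."""
    line = banner.rstrip(b"\r\n").decode()
    if not line.startswith("SSH-"):
        raise ValueError("not an SSH identification string")
    _, protoversion, softwareversion = line.split("-", 2)   # softwareversion may contain '-'
    return {"protoversion": protoversion, "softwareversion": softwareversion}

# --- (c) client side: ~/.ssh/config aliases with per-server ports ----------
SSH_CONFIG = """\
# constructed ~/.ssh/config: one alias per server, told apart by port only
Host server1
    HostName example1.com
    Port 2201
Host server2
    HostName example2.com
    Port 2202
Host *
    User admin
"""

_OPTION = re.compile(r"(\w+)\s*(?:=|\s)\s*(.*)")   # "Key value" or "Key=value"

def resolve_alias(config_text: str, alias: str) -> dict:
    """Simplified OpenSSH rule: for each parameter, the first matching value wins."""
    result = {"hostname": alias, "port": 22}       # defaults when nothing matches
    found = set()
    active = True                                  # options before any Host line apply to all
    for raw in config_text.splitlines():
        line = raw.split("#", 1)[0].strip()        # drop comments and blanks
        if not line:
            continue
        m = _OPTION.match(line)
        if not m:
            continue
        key, value = m.group(1).lower(), m.group(2).strip()
        if key == "host":
            active = any(fnmatch.fnmatchcase(alias, p) for p in value.split())
            continue
        if not active or key in found:
            continue
        if key == "hostname":
            result["hostname"] = value
            found.add(key)
        elif key == "port":
            result["port"] = int(value)
            found.add(key)
    return result

# --- (d) router side: PAT decides by destination port alone ----------------
PAT_TABLE = {2201: ("192.168.1.11", 22),           # constructed LAN addresses
             2202: ("192.168.1.12", 22)}

def pat_target(dst_port: int):
    """Where the router hands an inbound TCP connection; only the port is known."""
    return PAT_TABLE.get(dst_port)

def iptables_dnat_rules(table=PAT_TABLE, wan_if="eth0"):
    """Render the table as netfilter DNAT rules (illustration; not executed here)."""
    return [f"iptables -t nat -A PREROUTING -i {wan_if} -p tcp --dport {pub} "
            f"-j DNAT --to-destination {ip}:{port}"
            for pub, (ip, port) in sorted(table.items())]

def connect_path(config_text: str, alias: str):
    """'ssh <alias>': the client picks hostname+port, the router maps port -> LAN host."""
    r = resolve_alias(config_text, alias)
    return r["hostname"], r["port"], pat_target(r["port"])

if __name__ == "__main__":
    print(http_host(http_request("example2.com")))        # example2.com
    print(parse_ssh_banner(SSH_CLIENT_BANNER))            # no hostname anywhere
    for alias in ("server1", "server2"):
        print(alias, "->", connect_path(SSH_CONFIG, alias))
    print("\n".join(iptables_dnat_rules()))
```

The design point is in connect_path: the only information that reaches the router is the destination port, so the split between the two LAN hosts has to be encoded there (2201 vs 2202) and carried in the client's config, which is exactly the limitation the answer describes. A misconfigured alias that falls through to "Host *" still gets port 22, for which the table has no entry, so the forwarding silently fails rather than landing on the wrong server.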