[Dnsmasq-discuss] Dynamic address config?

Geoff Back geoff at demonlair.co.uk
Sat Nov 26 13:55:56 UTC 2022 

Hello,

How about adding:

alias labssh='ssh -i ~/.ssh/id_rsa.work'

to your shell profile (.bashrc or whatever)?  Then you can just do
'labssh <ip-address>' and the alias expansion makes ssh use the
appropriate ID file.

Regards,

Geoff.

Geoff Back
What if we're all just characters in someone's nightmares?

On 26/11/2022 13:14, Feng Shao wrote:
> Thanks for the reply Petr.
> Let me explain more about the motivation: I am a developer and our
> testers test the code on various environments, including VMs on cloud
> and k8s worker nodes from cloud providers. These machines and IPs are
> not provisioned/allocated by dnsmasq. For cost reason, these
> environments only lives for a short period of time, like one week or
> so, and testers provision these IPs directly without awareness of
> network administrators, that’s also why we don’t configure hostname
> for these machines in DNS system. Also I can not know in advance the
> list of possible IPs.
>
> Whenever tester find some issue or need help, they give me the IP of
> the environments and I need to ssh to that environment. Because I will
> probably login to that same machine several times since the testers
> are testing my code on that machine recently, I want to setup
> passwordless login. So I  normally ssh-copy-id -i <~/.ssh/id_rsa.work
> <http://id_rsa.work>> <IP>first, then ssh to that machine. In order to
> instruct ssh to use my ssh key when connecting to that IP, I have
> below lines in my .ssh/config:
>
> Host *.mylab
>   User root
>   IdentityFile ~/.ssh/id_rsa.wor <http://id_rsa.work/>k
>
> And lines like below in /etc/hosts:
> address=/123.123.123.123
> <http://123.123.123.123>.mylab/123.123.123.123 <http://123.123.123.123/>
> address=/123.123.123.12 <http://123.123.123.123>4.mylab/123.123.123.12
> <http://123.123.123.123/>4
>
> So that I can now “ssh 123.123.123.123.mylab” 
>
> As you can see, the problem here is, whenever a new IP comes, I need
> to add a new entry in /etc/hosts. So what I want is any <IP>.mylab is
> resolved to <IP>.
>
> A key pair can be specified when creating VM on cloud, but I can not
> ask every tester add my ssh key pair when creating VM.
>
>
> Petr Menšík <pemensik at redhat.com>于2022年11月25日 周五19:52写道:
>
>     Did you know that dnsmasq registers all hosts by their name, if
>     they send their own hostname when requesting DHCP from dnsmasq?
>     Just use domain=mylab and have that host send hostname. It would
>     make using names possible without any additional configuration.
>
>     I do not get what is the advantage of having IP suffixed by some
>     domain. It looks like IP address, but it is even longer. Names of
>     machines should be easy to remember or use, I doubt that would be
>     the case here.
>
>     I think we have new feature conf-script, which can generate
>     dnsmasq configuration on the output. But I doubt we have a
>     possible code for what you describe. Could you please describe
>     more about intended usage? Why isn't using just hostname for each
>     host enough? Using dhcp-host seems enough for similar uses.
>
>     I think DLZ plugins for BIND9 are able to do similar things to
>     your request, but that would be very heavy-weight solution. I
>     think more motivation for your current design should be shared,
>     because I do not understand advantage of your solution.
>
>     Cheers,
>     Petr
>
>     On 11/23/22 06:47, Feng Shao wrote:
>>     There are a bunch of machines in our lab, and we normally don't
>>     have DNS records configured for them, only accessing by IP. In
>>     order to ssh to them with key auth, I have a config in my
>>     .ssh/config like 
>>
>>     Host *.mylab
>>       User root
>>       IdentityFile ~/.ssh/id_rsa.work <http://id_rsa.work/>
>>
>>     and I have some "address=/123.123.123.123
>>     <http://123.123.123.123>.mylab/123.123.123.123
>>     <http://123.123.123.123/>" line in dnsmasq.conf. The problem here
>>     is I need to add an entry whenever a new IP comes.
>>
>>     Can this configuration be dynamically? For example,
>>     "address=/*.mylab/somecmd %1", where "somecmd" is a external
>>     command and %1 will be replaced by the name in A/AAAA request. So
>>     that for any DNS request to *.mylab, dnsmasq invoke this external
>>     command and pass the name as argument, the output of external
>>     command, which will be interpreted as IPv4/IPv6 addr then
>>     responsed to client?
>>
>>     _______________________________________________
>>     Dnsmasq-discuss mailing list
>>     Dnsmasq-discuss at lists.thekelleys.org.uk
>>     https://lists.thekelleys.org.uk/cgi-bin/mailman/listinfo/dnsmasq-discuss
>
>     -- 
>     Petr Menšík
>     Software Engineer, RHEL
>     Red Hat, https://www.redhat.com/
>     PGP: DFCF908DB7C87E8E529925BC4931CA5B6C9FC5CB
>
>     _______________________________________________
>     Dnsmasq-discuss mailing list
>     Dnsmasq-discuss at lists.thekelleys.org.uk
>     https://lists.thekelleys.org.uk/cgi-bin/mailman/listinfo/dnsmasq-discuss
>
>
> _______________________________________________
> Dnsmasq-discuss mailing list
> Dnsmasq-discuss at lists.thekelleys.org.uk
> https://lists.thekelleys.org.uk/cgi-bin/mailman/listinfo/dnsmasq-discuss
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/attachments/20221126/5d2fa843/attachment-0001.htm>

More information about the Dnsmasq-discuss mailing list