1

Summary: In a broader context, I just need a way to connect to multiple servers that are all running the same services on the same network without having multiple external IP addresses or having to forward a different port on each server for the same service.

More detailed explanation: I have 3 servers on my network, each of which I would like to access remotely via ssh. Here’s what things currently look like with ports and addresses:

Internal IP:    Port:
192.168.1.100   22 (ssh)
192.168.1.101   23 (ssh)
192.168.1.102   24 (ssh)

Let’s say the external IP for my network is 161.86.232.865 and all of the above ports are forwarded and visible to the external network. Is it possible to give each of these ports a subdomain and be able to ssh into them with their subdomain? For example, 192.168.1.100 would be ssh-100.example.com, 192.168.1.101 would be ssh-101.example.com, and so on. I understand that this is not (as far as I know) possible to do with the internal IPs instead of ports, so I figured I’d ask.

If you know anything, please share. Thanks!

  • 2
    The solution is to run a VPN server, then you can route all traffic directly to your internal IP-ranges and continue to use default ports for all services on every server without further configuration such as port forwarding – Bob Jan 23 '20 at 06:56

1 Answer

2

This is not currently possible. SSH does not currently support SRV records. There are some proposed patches that do so, but they are not part of mainstream repositories. (You could perhaps alias sshsrv to ssh.)


Presumably you're looking for something more portable than specifying Port in your local ~/.ssh/config, which could work for anything that shared that same config.


There's also ssh -J <jumphost>, which can work if you don't mind making one host your bastion (perhaps not a bad idea anyway).

84104
  • In a broader context, I just need a way to connect to multiple servers that are all running the same services on the same network without having multiple external IP addresses or having to forward a different port on each server for the same service. – GNULinuxOnboard Jan 23 '20 at 06:10
  • 3
    Well, you don't have to port forward to a different port in the inside. It's the outside that needs a different port. outside:22 can forward to inside1:22 and outside:23 can forward to inside2:22. (Not that you should necessarily expose something that looks like telnet.) – 84104 Jan 23 '20 at 06:37
  • 1
    There is also the trick about tunnel forwarding over an existing SSH session. As long as one of the SSH hosts can be reached from the outside you can then use that host to connect to any other SSH hosts on your network. Didn't know the `-J` parameter. I was just thinking about `-L` or maybe `-R` depending on direction. – Lasse Michael Mølgaard Jan 23 '20 at 11:25
  • Would it be possible to use subdomains on Xen virtual machines? Is there a way to do that in the Xen hypervisor? I forgot to specify that these are virtual machines and they all have their own internal IP address. – GNULinuxOnboard Jan 23 '20 at 18:08
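
The two client-side approaches from the answer above (a `Port` entry per host in `~/.ssh/config`, and `ssh -J` through a bastion), written out as an added example that is not part of the original thread. Assumptions: `gateway.example.com` is a hypothetical name for the network's single external address, and the aliases `bastion`, `int-101` and `int-102` are made up for illustration; the ports and internal addresses are the ones given in the question.

```sshconfig
# ~/.ssh/config (added example, not from the original thread)
# Assumption: gateway.example.com resolves to the single external IP.

# Option A: one alias per forwarded external port.
# All three servers sit behind the same name, so HostKeyAlias stores and
# checks each server's host key under its own alias in known_hosts
# instead of under the shared gateway name.
Host ssh-100
    HostName gateway.example.com
    Port 22
    HostKeyAlias ssh-100

Host ssh-101
    HostName gateway.example.com
    Port 23
    HostKeyAlias ssh-101

Host ssh-102
    HostName gateway.example.com
    Port 24
    HostKeyAlias ssh-102

# Option B: forward only one external port and use that server as the
# bastion (the config-file form of "ssh -J"). The internal addresses are
# resolved from the bastion, so no further port forwards are needed and
# the inner servers keep sshd on the default port.
Host bastion
    HostName gateway.example.com
    Port 22

Host int-101
    HostName 192.168.1.101
    ProxyJump bastion

Host int-102
    HostName 192.168.1.102
    ProxyJump bastion
```

With this in place, `ssh ssh-101` connects through the forwarded port and `ssh int-101` connects through the bastion. Option B leaves a single sshd exposed to the outside, which is the one to harden and monitor.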