5

I was experimenting with Linux ssh. In the terminal I tried to connect to the same Linux machine which I was using, and it got connected! It's like calling your same phone from your phone! But how is this possible?

Below are the sample terminal commands I entered:

alpha@alpha:~$ ssh alpha@<my IP address>
alpha@<my IP address>'s password: <my password>

Welcome to Ubuntu 18.04.1 LTS (GNU/Linux 4.15.0-42-generic x86_64)

* Documentation:  https://help.ubuntu.com
* Management:     https://landscape.canonical.com
* Support:        https://ubuntu.com/advantage


* Canonical Livepatch is available for installation.
 - Reduce system reboots and improve kernel security. Activate at:
   https://ubuntu.com/livepatch

0 packages can be updated.
0 updates are security updates.

Last login: Mon Dec 10 15:31:35 2018 from <my IP address>

In the above terminal, the IP address is the same IP address of the Linux machine from which I used ssh and got the above terminal output. I have also noticed that I can connect to the same machine using ssh in nested connections, and I have tried 5 levels deep!

Out of curiosity, I am asking this question to know: is this correct? Can't Linux detect it's talking to itself?

9
  • 5
    Actually you have 2 phones of which one can only call and one can only receive calls. openssh-server and openssh-client. Commented Dec 10, 2018 at 10:26
  • @RoVo By your analogy, you mean that the server can listen to any client even though it may be its own machine? Commented Dec 10, 2018 at 10:29
  • 1
    To try to connect a machine to itself you may also use: ssh <user>@localhost. The result is the same if you use ssh <user>@<my IP address>. In this way you get a shell inside the shell that called ssh. Commented Dec 10, 2018 at 10:30
  • 1
    @SirJoBlack Yes, this works too and the result is the same. Commented Dec 10, 2018 at 10:33
  • 1
    @SirJoBlack: technically not quite, it is possible to have an sshd that will only listen on localhost, or one that only listens on the public IP address; and it's possible for the firewall to treat the two differently. Commented Dec 10, 2018 at 11:32

4 Answers

2

In Linux, every connection that you make normally ends up running bash; on other Unixes, other shells are used (and other initialization scripts).

So you can use the current shell initialization scripts to configure the connection behavior of an ssh client by reading the environment variables generated by the ssh client session.

For example in /etc/bash.bashrc something like this can block you from connecting to yourself.

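# sshd sets SSH_CONNECTION="client_ip client_port server_ip server_port"
CNIP=$(echo "$SSH_CONNECTION" | cut -d' ' -f1)   # client (source) address
RNIP=$(echo "$SSH_CONNECTION" | cut -d' ' -f3)   # server (destination) address

# Same source and destination address: the session started on this host.
# The non-empty test keeps logins without SSH_CONNECTION (console) working.
if [ "$CNIP" == "$RNIP" ] && [ "$CNIP" != "" ] ; then
    echo "We are connecting to ourself, exiting.."
    exit 1
fi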

So in Linux, with this you will probably prevent ssh from allowing a connection for the server IP itself.

Linux/Unix are very customizable; they will probably allow you to do everything, including breaking your system with an infinite loop if you really wanted to. So if you want to prevent some kinds of things, you need to be more explicit.

On the other hand, I didn't see any trouble with this behavior and I am unable to determine why you are concerned about it, but if you really want to prevent it for any reason, here is probably a solution.

1
  • I forgot to validate whether you are trying to log in without ssh, or this will lock local authentication... so now I added this additional condition: && [ "$CNIP" != "" ], this will prevent you from locking local authentication if this is not your intention... Commented Dec 11, 2018 at 13:34
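
The check in the answer above compares the client and server fields of SSH_CONNECTION. The following added example (not part of the original answer) generalises it to loopback sources and to any other address the host owns, and rejects malformed values. The function names, the LOCAL_ADDRS list and the sample addresses are assumptions made for illustration.

```bash
# Added example (not from the answer): classify a login from $SSH_CONNECTION.
# sshd sets SSH_CONNECTION="client_ip client_port server_ip server_port".

# Drop an IPv6 zone suffix ("fe80::1%eth0" -> "fe80::1") before comparing.
strip_zone() { printf '%s\n' "${1%%\%*}"; }

# classify_ssh_session CONNECTION LOCAL_ADDRS   (hypothetical helper)
#   CONNECTION   value of $SSH_CONNECTION (empty for a console login)
#   LOCAL_ADDRS  whitespace-separated addresses configured on this host
# Prints one of: local | self | remote | malformed
classify_ssh_session() {
    local conn="$1" local_addrs="$2" c_ip c_port s_ip s_port extra addr
    if [ -z "$conn" ]; then echo local; return 0; fi

    # read splits on whitespace without glob-expanding the value.
    read -r c_ip c_port s_ip s_port extra <<EOF
$conn
EOF
    if [ -z "$s_port" ] || [ -n "$extra" ]; then echo malformed; return 0; fi
    c_ip=$(strip_zone "$c_ip"); s_ip=$(strip_zone "$s_ip")

    # Loopback sources can only originate on this host.
    case $c_ip in 127.*|::1) echo self; return 0 ;; esac
    # The answer's test: source and destination address are identical.
    if [ "$c_ip" = "$s_ip" ]; then echo self; return 0; fi
    # Generalisation: the source is another address this host owns.
    for addr in $local_addrs; do
        if [ "$c_ip" = "$(strip_zone "$addr")" ]; then echo self; return 0; fi
    done
    echo remote
}

# Constructed sample values (documentation address ranges); runs offline.
# On a real host: classify_ssh_session "$SSH_CONNECTION" "$(hostname -I)"
LOCAL_ADDRS="192.0.2.10 198.51.100.7 2001:db8::10"
for sample in "" \
    "127.0.0.1 51514 127.0.0.1 22" \
    "192.0.2.10 40022 192.0.2.10 22" \
    "198.51.100.7 40100 192.0.2.10 22" \
    "203.0.113.5 50000 192.0.2.10 22" \
    "192.0.2.10 22"; do
    printf '%-36s -> %s\n' "[$sample]" \
        "$(classify_ssh_session "$sample" "$LOCAL_ADDRS")"
done
```

A check sourced from /etc/bash.bashrc only runs for users whose shell is bash, so treat it as a convenience guard rather than an access control.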
2

Your system is like a building, not like a phone.

You can make many calls to a building. You can call another person within the building.

So when you ssh to the same machine, it makes the call. Then receives the call. The receiving end is not aware that the call is coming from the same machine, and it handles it correctly.

It does not connect it to the same shell/command-line. Unix is a multi-tasking system. If it could do only one task, then there would be a problem. But it can do many. There can be many users connected to a machine, all doing their own thing. If one of these is the self, it does not matter.

1
  • Slight point of order: It's technically perfectly aware the call is coming from inside the house, it just doesn't care. Commented Aug 28 at 10:21
0

There are a lot of times where a server talking to itself is exactly what you need.

There are even times where sshing into yourself could be useful (though, I'd be surprised if it were often the best tool for that job).

I get the sense that one of your concerns is that this could be somehow dangerous.

It conceivably could be - but not a whole lot more than the classic fork bomb :(){ :|:& };: (don't do this in your term unless you're okay with potentially needing to reboot)

If you were to write and execute a script echo 'ssh localhost -c ". ~/.recursive_ssh" >> ~/recursive_ssh && . ~/recursive_ssh', something bad would probably happen (Best case is that ulimit will come to your rescue, and kill the bomb).

This is functionally not much different than executing bash in bash- You can try it:

bash bash

Will just give you a normal prompt, the difference being that you need to quit twice to quit.

There's not a lot of reason to not want to listen to localhost, and in fact, there's likely not a safer host to talk to.

Sure you can do something silly, like recurse infinitely into ssh sessions, but you didn't need ssh for that

0

The ssh command you run is the SSH client, which is used to connect to any SSH server, including the one on which you are running that command.

So your SSH client is connecting to an SSH server running on localhost. Although kind of useless, this is possible and quite normal.

The "phone" analogy is misleading -- clients are used to initiate a "call", servers do "answer" a call, and these are completely independent.
