How to connect to a linux machine that changes IP regularly?











up vote
6
down vote

favorite
2












My problem is finding a way to SSH into a Linux server (Ubuntu 18.04) whose IP address changes daily.



I have a client who I occasionally help with admin tasks. I need to ssh into the machine when they need help, but they don't have a static IP, so the public IP of the server is constantly changing. I created a small script to report the IP address of the Linux machine, and find that it changes once per day around noon.



I'm able to setup SSH, and it works both locally and remotely... until the IP address changes. Once that happens, I'm no longer able to connect remotely even using the new IP address.




  • Do I need to restart the SSH service every time the IP address changes?

  • If so, why?

  • Is there any other action I need to take when the IP address changes in order to allow SSH access?




UPDATE



To be clear, my problem is NOT finding the new IP address. I have a script to do that already. The problem is the server stops responding once the IP changes, even though I try to connect using the new IP address.



If I restart the SSH service on the target machine, I have remote access again. But I don't understand why I should have to do this. I would like to know the root cause in hopes of finding a better solution.



Most people seem to think SSH should work as long as we know the new IP, so is this something unique to 18.04? I installed this server for the client recently, so all config settings are still default. (The wouldn't know how to change it.)










share|improve this question




















  • 6




    Use dynamic dns.
    – Ipor Sircer
    23 hours ago






  • 6




    Yell at their ISP. Changing IP address once a day is absurd for a business connection, and it's even relatively unheard of for a residential connection.
    – Michael Hampton
    23 hours ago










  • @IporSircer That would be a useful addition to the script which reports the IP address changes. But it doesn't address the problem with the machine being unreachable on the new IP address.
    – kasperd
    22 hours ago






  • 1




    You say ssh access stops working when the IP address changes. But you haven't said when it starts working again. I assume it must somehow start working again, otherwise you couldn't see it stop working every day. And there isn't anything you are supposed to do when the IP address changes. The ssh server will immediately be reachable on the new IP address.
    – kasperd
    22 hours ago






  • 1




    There could be some weirdness going on like DDNS running, and something like ListenAddress <dynamic host name> in the sshd config file, maybe because someone didn't want internal users being able to ssh into the server. This would actually require restarting the ssh server every time the IP changes.
    – Guntram Blohm
    14 hours ago















up vote
6
down vote

favorite
2












My problem is finding a way to SSH into a Linux server (Ubuntu 18.04) whose IP address changes daily.



I have a client who I occasionally help with admin tasks. I need to ssh into the machine when they need help, but they don't have a static IP, so the public IP of the server is constantly changing. I created a small script to report the IP address of the Linux machine, and find that it changes once per day around noon.



I'm able to setup SSH, and it works both locally and remotely... until the IP address changes. Once that happens, I'm no longer able to connect remotely even using the new IP address.




  • Do I need to restart the SSH service every time the IP address changes?

  • If so, why?

  • Is there any other action I need to take when the IP address changes in order to allow SSH access?




UPDATE



To be clear, my problem is NOT finding the new IP address. I have a script to do that already. The problem is the server stops responding once the IP changes, even though I try to connect using the new IP address.



If I restart the SSH service on the target machine, I have remote access again. But I don't understand why I should have to do this. I would like to know the root cause in hopes of finding a better solution.



Most people seem to think SSH should work as long as we know the new IP, so is this something unique to 18.04? I installed this server for the client recently, so all config settings are still default. (The wouldn't know how to change it.)










share|improve this question




















  • 6




    Use dynamic dns.
    – Ipor Sircer
    23 hours ago






  • 6




    Yell at their ISP. Changing IP address once a day is absurd for a business connection, and it's even relatively unheard of for a residential connection.
    – Michael Hampton
    23 hours ago










  • @IporSircer That would be a useful addition to the script which reports the IP address changes. But it doesn't address the problem with the machine being unreachable on the new IP address.
    – kasperd
    22 hours ago






  • 1




    You say ssh access stops working when the IP address changes. But you haven't said when it starts working again. I assume it must somehow start working again, otherwise you couldn't see it stop working every day. And there isn't anything you are supposed to do when the IP address changes. The ssh server will immediately be reachable on the new IP address.
    – kasperd
    22 hours ago






  • 1




    There could be some weirdness going on like DDNS running, and something like ListenAddress <dynamic host name> in the sshd config file, maybe because someone didn't want internal users being able to ssh into the server. This would actually require restarting the ssh server every time the IP changes.
    – Guntram Blohm
    14 hours ago













up vote
6
down vote

favorite
2









up vote
6
down vote

favorite
2






2





My problem is finding a way to SSH into a Linux server (Ubuntu 18.04) whose IP address changes daily.



I have a client who I occasionally help with admin tasks. I need to ssh into the machine when they need help, but they don't have a static IP, so the public IP of the server is constantly changing. I created a small script to report the IP address of the Linux machine, and find that it changes once per day around noon.



I'm able to setup SSH, and it works both locally and remotely... until the IP address changes. Once that happens, I'm no longer able to connect remotely even using the new IP address.




  • Do I need to restart the SSH service every time the IP address changes?

  • If so, why?

  • Is there any other action I need to take when the IP address changes in order to allow SSH access?




UPDATE



To be clear, my problem is NOT finding the new IP address. I have a script to do that already. The problem is the server stops responding once the IP changes, even though I try to connect using the new IP address.



If I restart the SSH service on the target machine, I have remote access again. But I don't understand why I should have to do this. I would like to know the root cause in hopes of finding a better solution.



Most people seem to think SSH should work as long as we know the new IP, so is this something unique to 18.04? I installed this server for the client recently, so all config settings are still default. (The wouldn't know how to change it.)










share|improve this question















My problem is finding a way to SSH into a Linux server (Ubuntu 18.04) whose IP address changes daily.



I have a client who I occasionally help with admin tasks. I need to ssh into the machine when they need help, but they don't have a static IP, so the public IP of the server is constantly changing. I created a small script to report the IP address of the Linux machine, and find that it changes once per day around noon.



I'm able to setup SSH, and it works both locally and remotely... until the IP address changes. Once that happens, I'm no longer able to connect remotely even using the new IP address.




  • Do I need to restart the SSH service every time the IP address changes?

  • If so, why?

  • Is there any other action I need to take when the IP address changes in order to allow SSH access?




UPDATE



To be clear, my problem is NOT finding the new IP address. I have a script to do that already. The problem is the server stops responding once the IP changes, even though I try to connect using the new IP address.



If I restart the SSH service on the target machine, I have remote access again. But I don't understand why I should have to do this. I would like to know the root cause in hopes of finding a better solution.



Most people seem to think SSH should work as long as we know the new IP, so is this something unique to 18.04? I installed this server for the client recently, so all config settings are still default. (The wouldn't know how to change it.)







ssh remote-access






share|improve this question















share|improve this question













share|improve this question




share|improve this question








edited 5 hours ago

























asked 23 hours ago









Richard

7619




7619








  • 6




    Use dynamic dns.
    – Ipor Sircer
    23 hours ago






  • 6




    Yell at their ISP. Changing IP address once a day is absurd for a business connection, and it's even relatively unheard of for a residential connection.
    – Michael Hampton
    23 hours ago










  • @IporSircer That would be a useful addition to the script which reports the IP address changes. But it doesn't address the problem with the machine being unreachable on the new IP address.
    – kasperd
    22 hours ago






  • 1




    You say ssh access stops working when the IP address changes. But you haven't said when it starts working again. I assume it must somehow start working again, otherwise you couldn't see it stop working every day. And there isn't anything you are supposed to do when the IP address changes. The ssh server will immediately be reachable on the new IP address.
    – kasperd
    22 hours ago






  • 1




    There could be some weirdness going on like DDNS running, and something like ListenAddress <dynamic host name> in the sshd config file, maybe because someone didn't want internal users being able to ssh into the server. This would actually require restarting the ssh server every time the IP changes.
    – Guntram Blohm
    14 hours ago














  • 6




    Use dynamic dns.
    – Ipor Sircer
    23 hours ago






  • 6




    Yell at their ISP. Changing IP address once a day is absurd for a business connection, and it's even relatively unheard of for a residential connection.
    – Michael Hampton
    23 hours ago










  • @IporSircer That would be a useful addition to the script which reports the IP address changes. But it doesn't address the problem with the machine being unreachable on the new IP address.
    – kasperd
    22 hours ago






  • 1




    You say ssh access stops working when the IP address changes. But you haven't said when it starts working again. I assume it must somehow start working again, otherwise you couldn't see it stop working every day. And there isn't anything you are supposed to do when the IP address changes. The ssh server will immediately be reachable on the new IP address.
    – kasperd
    22 hours ago






  • 1




    There could be some weirdness going on like DDNS running, and something like ListenAddress <dynamic host name> in the sshd config file, maybe because someone didn't want internal users being able to ssh into the server. This would actually require restarting the ssh server every time the IP changes.
    – Guntram Blohm
    14 hours ago








6




6




Use dynamic dns.
– Ipor Sircer
23 hours ago




Use dynamic dns.
– Ipor Sircer
23 hours ago




6




6




Yell at their ISP. Changing IP address once a day is absurd for a business connection, and it's even relatively unheard of for a residential connection.
– Michael Hampton
23 hours ago




Yell at their ISP. Changing IP address once a day is absurd for a business connection, and it's even relatively unheard of for a residential connection.
– Michael Hampton
23 hours ago












@IporSircer That would be a useful addition to the script which reports the IP address changes. But it doesn't address the problem with the machine being unreachable on the new IP address.
– kasperd
22 hours ago




@IporSircer That would be a useful addition to the script which reports the IP address changes. But it doesn't address the problem with the machine being unreachable on the new IP address.
– kasperd
22 hours ago




1




1




You say ssh access stops working when the IP address changes. But you haven't said when it starts working again. I assume it must somehow start working again, otherwise you couldn't see it stop working every day. And there isn't anything you are supposed to do when the IP address changes. The ssh server will immediately be reachable on the new IP address.
– kasperd
22 hours ago




You say ssh access stops working when the IP address changes. But you haven't said when it starts working again. I assume it must somehow start working again, otherwise you couldn't see it stop working every day. And there isn't anything you are supposed to do when the IP address changes. The ssh server will immediately be reachable on the new IP address.
– kasperd
22 hours ago




1




1




There could be some weirdness going on like DDNS running, and something like ListenAddress <dynamic host name> in the sshd config file, maybe because someone didn't want internal users being able to ssh into the server. This would actually require restarting the ssh server every time the IP changes.
– Guntram Blohm
14 hours ago




There could be some weirdness going on like DDNS running, and something like ListenAddress <dynamic host name> in the sshd config file, maybe because someone didn't want internal users being able to ssh into the server. This would actually require restarting the ssh server every time the IP changes.
– Guntram Blohm
14 hours ago










6 Answers
6






active

oldest

votes

















up vote
11
down vote













Dynamic DNS is one option, another is having the server mail or otherwise send you it’s IP. A simple HTTP call would do (to an endpoint you control and log requests on).



Solving the whole public networking the the other way around is possible as well; you could have the server setup a reverse tunnel, or a VPN connection, which will not be affected by the IP change.



Regarding services not responding on the new address: this completely depends on your network setup. For example: WAN IP on an internal interface via DHCP and an SSH server set to only listen to the IP on your interface known at startup would mean sshd has to be restarted on interface changes.






share|improve this answer























  • As described in the question there is already a solution in place to find the new IP address. Thus adding dynamic DNS would not really solve any problems. The problem as described is that the ssh server stops responding when the IP address changes. You haven't addressed that problem. VPN connections and reverse tunnels are OTOH expected to stop working when the IP changes, so you need something in place to restart those automatically.
    – kasperd
    6 hours ago


















up vote
8
down vote













The other answers seem to have overlooked one thing in your question:




Once that happens, I'm no longer able to connect remotely even using the new IP address




DDNS will help you find out the new IP address, but that doesn't seem to be the problem here.



Unfortunately, the server getting a new IP should not be a problem in the standard setup where the ISP provides a router, the server has an internal address behind the router, and the router does the port forwarding. You might need to provide more information about the network topology to get a good answer.



What I could imagine is the server not being behind a router and doing its own PPPoE connection, and a) the ssh server binding to the specific interface address at the point of server restart, b) a firewall on the machine that permits incoming ssh to just the server's IP with the firewall not updating when the IP changes.



To check the first case, do a netstat -nta | grep -w 22 | grep LISTEN. If it says 0.0.0.0:22, that's ok; if it lists a specific IP, then check the sshd config file (/etc/sshd.conf) for ListenAddress.



To check the second case, do iptables -L -n and check if one of the rules in the INCOMING chain matches your server's IP and port 22.



If one of these has the current server address, you'll need to either change it to 0.0.0.0 (make sure you know about the security implications), or update the rule/configuration whenever the IP changes.



Edit



As the server is behind a router, the above ideas probably don't apply(*). In this setup, the router has an external IP (which changes daily), and your internal devices should have some 10.x.y.z or 192.168.x.y addresses which shouldn't change. You connect to the external address, and the router should a port-forwarding rule to the internal address.



This port forwarding shouldn't break when the external IP changes (existing ssh connections will be dropped however), but maybe it's a rule that wasn't setup by you, but by some UPNP magic, with the router dropping UPNP forwards when it gets a new address, and sshd only invoking the rule when it restarts. Did you set up a port forwarder within the router yourself.



Or, it's the internal IP of the server that changes - in that case, something is severely broken with your DHCP. Give your server a fixed internal address.



Or, are you using IPV6? There are some configurations where a device keeps changing its IP to make it less easy to track. See, for example, https://www.internetsociety.org/blog/2014/12/ipv6-privacy-addresses-provide-protection-against-surveillance-and-tracking/ - but in that case, shame on you for not mentioning it in your original post. This might mean your router not doing NAT at all, and my original ideas still being valid even behind a router.






share|improve this answer























  • +1 for being the first answer to actually address what was asked in the question.
    – kasperd
    6 hours ago










  • @Guntram Blohm Thanks for the answer! The server is behind a router. Would these two possibilities still hold true in that scenario? If so, I'll check them both in the next day or so when I can locally access the target machine.
    – Richard
    5 hours ago


















up vote
7
down vote













You should really look into ddns services.
As far as remotely being able to connect to a certain machine with dynamic ip address; ddns is the most commonly used solution.



head over to https://noip.com and signup for an account (it's, errr... supposedly..coff..cof .. Free for 1-3 machines running on the same network(if im not mistaken, dont quote me here: its been a while since ive trusted any of these 'free' services... ).
There are also other alternatives such as Afraid DNS (https://freedns.afraid.org/
And even, Cisco's, Open DNS : could also be utilized (provided that this is not you're only client, i'd suggest you sign up for an umbrella account trial, take it for a spin and later sign-up for the real deal >>> they even got one of them GUI-like downloadable extensions which would automatically renew the the ddns hostname
whenever your clients ip change. It really is, the easiest, non-tech savvy way that i'm aware of[just in case you gotta call up one of your clients and ask'm to download the GUI rather .... ])






share|improve this answer








New contributor




dotbiggie is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.














  • 1




    While this is certainly helpful for accessing a host on changing IP addresses, that isn't what the question is asking about. The question is why the ssh server stops responding when the IP address changes and how to fix that. A dynamic DNS service does not address that.
    – kasperd
    22 hours ago


















up vote
3
down vote














I'm able to setup SSH, and it works both locally and remotely... until
the IP address changes. Once that happens, I'm no longer able to
connect remotely even using the new IP address.




Sometimes, it takes a while for DHCP changes to take effect. Try to recycle the DHCP client on the target machine



$> sudo dhclient -r
$> sudo dhclient



Do I need to restart the service every time the IP address changes?
If so, why?



No. You only need to recycle your ssh service when the configuration changes (/etc/ssh/sshd_conf).




Is there any other action I need to take when the IP address changes in order to allow SSH access?




No.



I have a solution that assumes you have sendmail set up on your target machine.



This script sends an email that shows the IP address that the world thinks we have (Thanks ipify.org). Email will always have the most current IP address.




  1. Create dhcp-notify bash script (without the .sh extension)


  2. Put the script in /etc/dhcp/dhclient-exit-hooks.d



    #!/bin/sh
    case "$reason" in (BOUND|RENEW|REBIND|REBOOT)
    (
    echo To: me@my.email
    echo From: me@my.email
    echo "Content-Type: text/html; "
    echo Subject: DHCP reason: $reason
    echo
    echo Your IP address is: `curl -s https://api.ipify.org`
    ) | sendmail -t
    ;;
    esac



If this doesn't work, you could always set up a cron to send you the current IP address (lose the case statement).



#!/bin/sh
(
echo To: me@my.email
echo From: me@my.email
echo "Content-Type: text/html; "
echo Subject: IP address change
echo
echo Your IP address is: `curl -s https://api.ipify.org`
) | sendmail -t





share|improve this answer










New contributor




karlchilders is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.


















  • I was just about to suggest this, it's a great idea, and the first thing which came to mind when I read the question. Also, if you're having issues with api.ipify.org (it's blocked on my school network for some reason), you can use this other site which I made a few months previously which does the same thing: findip.win
    – rahuldottech
    12 hours ago












  • @karlchilders Thanks for the answer! I already have a cron script reporting the ip address to me, but I had no idea about dhclient hooks. That is awesome! I would much rather only have the IP reported when it actually changes. Question: If this script is able to work and report the IP address, why would recycling dhclient have an effect on SSH access?
    – Richard
    5 hours ago












  • @karlchilders Or does this script only work when you manually recycle dhclient?
    – Richard
    5 hours ago


















up vote
1
down vote













What I've been doing for almost a year.
I ran into your problem in January this year while giving a speech at my local university.



This script has been running on my machine ever since then:
//Pretty much self-explanatory//



import smtplib
from requests import get
import time

user = 'exampleemail@gmail.com'
psd = 'examplepassword'
msg = 'Hey, your ip has changed! Use this one from now on: '
currip = '0.0.0.0' # It'll send an email the first time you execute this aswell
while True:
newip = get('https://api.ipify.org').text
if currip == newip:
print("nonewip")
#You can just comment the line above this one if you want to
else:
tmpmsg = "n"+msg + newip +" The old one used to be: "+currip
currip = newip
server = smtplib.SMTP('smtp.gmail.com', 587)
server.connect('smtp.gmail.com')
server.ehlo()
server.starttls()
server.ehlo()
server.login(user,psd)
#You can change the second parameter, use ('from','to','message')
server.sendmail(user, user, tmpmsg)

server.quit()
with open('/home/pi/DEV/iphistory.txt', 'a') as f:
f.write('newip: '+currip+'n')
f.close()
print('New IP Found: '+tmpmsg)
time.sleep(7200)


Python 3.x should work flawlessly
Maybe not the best solution out there, but it works.



You'll get an email in your Inbox each time the machine's public IP changes.



Now, regarding your questions:



Do I need to restart the service every time the IP address changes?
If by restarting the service you mean re-establishing the ssh connection, yes.



If so, why?
Because if the address you're trying to communicate with no longer provides the service you're looking for. It's not your machine anymore.



Is there any other action I need to take when the IP address changes in order to allow SSH access?
Just SSH to the new address.



Cheers!
JSR






share|improve this answer










New contributor




JSR is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.


















  • Thanks for the answer @JSR! I have actually written a similar script to report the IP address to me. But once it changes, even knowing the new IP address, I'm unable to SSH into the remote machine. Have you encountered that issue?
    – Richard
    5 hours ago










  • Are you sure you're retrieving the right address? if so, try to ping at it once you get the IP. I've never seen that issue before Also, just in case you didn't know, you can run the script on background with "python3 scriptname.py &" Also, check the forwarding ports of the router, I assume the local IP doesn't change, but still it's worth checking out.
    – JSR
    5 hours ago












  • Yes, the IP is correct. If I restart the SSH service on the target machine, I'm able to connect again. But I don't understand why that should be the case.
    – Richard
    5 hours ago


















up vote
0
down vote













Thinking outside the box - could you arrange a fixed IPv6 address? It's usually only IPv4 addresses that need to change, due to their scarcity.






share|improve this answer





















  • The IP address that I pull down is actually IPv6 every time.
    – Richard
    3 hours ago










  • @Richard: Sorry to hear it doesn't work for you. I'll leave the answer up for other people who have this problem with IPv4.
    – MSalters
    3 hours ago











Your Answer








StackExchange.ready(function() {
var channelOptions = {
tags: "".split(" "),
id: "2"
};
initTagRenderer("".split(" "), "".split(" "), channelOptions);

StackExchange.using("externalEditor", function() {
// Have to fire editor after snippets, if snippets enabled
if (StackExchange.settings.snippets.snippetsEnabled) {
StackExchange.using("snippets", function() {
createEditor();
});
}
else {
createEditor();
}
});

function createEditor() {
StackExchange.prepareEditor({
heartbeatType: 'answer',
convertImagesToLinks: true,
noModals: true,
showLowRepImageUploadWarning: true,
reputationToPostImages: 10,
bindNavPrevention: true,
postfix: "",
imageUploader: {
brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
allowUrls: true
},
onDemand: true,
discardSelector: ".discard-answer"
,immediatelyShowMarkdownHelp:true
});


}
});














 

draft saved


draft discarded


















StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fserverfault.com%2fquestions%2f939722%2fhow-to-connect-to-a-linux-machine-that-changes-ip-regularly%23new-answer', 'question_page');
}
);

Post as a guest
































6 Answers
6






active

oldest

votes








6 Answers
6






active

oldest

votes









active

oldest

votes






active

oldest

votes








up vote
11
down vote













Dynamic DNS is one option, another is having the server mail or otherwise send you it’s IP. A simple HTTP call would do (to an endpoint you control and log requests on).



Solving the whole public networking the the other way around is possible as well; you could have the server setup a reverse tunnel, or a VPN connection, which will not be affected by the IP change.



Regarding services not responding on the new address: this completely depends on your network setup. For example: WAN IP on an internal interface via DHCP and an SSH server set to only listen to the IP on your interface known at startup would mean sshd has to be restarted on interface changes.






share|improve this answer























  • As described in the question there is already a solution in place to find the new IP address. Thus adding dynamic DNS would not really solve any problems. The problem as described is that the ssh server stops responding when the IP address changes. You haven't addressed that problem. VPN connections and reverse tunnels are OTOH expected to stop working when the IP changes, so you need something in place to restart those automatically.
    – kasperd
    6 hours ago















up vote
11
down vote













Dynamic DNS is one option, another is having the server mail or otherwise send you it’s IP. A simple HTTP call would do (to an endpoint you control and log requests on).



Solving the whole public networking the the other way around is possible as well; you could have the server setup a reverse tunnel, or a VPN connection, which will not be affected by the IP change.



Regarding services not responding on the new address: this completely depends on your network setup. For example: WAN IP on an internal interface via DHCP and an SSH server set to only listen to the IP on your interface known at startup would mean sshd has to be restarted on interface changes.






share|improve this answer























  • As described in the question there is already a solution in place to find the new IP address. Thus adding dynamic DNS would not really solve any problems. The problem as described is that the ssh server stops responding when the IP address changes. You haven't addressed that problem. VPN connections and reverse tunnels are OTOH expected to stop working when the IP changes, so you need something in place to restart those automatically.
    – kasperd
    6 hours ago













up vote
11
down vote










up vote
11
down vote









Dynamic DNS is one option, another is having the server mail or otherwise send you it’s IP. A simple HTTP call would do (to an endpoint you control and log requests on).



Solving the whole public networking the the other way around is possible as well; you could have the server setup a reverse tunnel, or a VPN connection, which will not be affected by the IP change.



Regarding services not responding on the new address: this completely depends on your network setup. For example: WAN IP on an internal interface via DHCP and an SSH server set to only listen to the IP on your interface known at startup would mean sshd has to be restarted on interface changes.






share|improve this answer














Dynamic DNS is one option, another is having the server mail or otherwise send you it’s IP. A simple HTTP call would do (to an endpoint you control and log requests on).



Solving the whole public networking the the other way around is possible as well; you could have the server setup a reverse tunnel, or a VPN connection, which will not be affected by the IP change.



Regarding services not responding on the new address: this completely depends on your network setup. For example: WAN IP on an internal interface via DHCP and an SSH server set to only listen to the IP on your interface known at startup would mean sshd has to be restarted on interface changes.







share|improve this answer














share|improve this answer



share|improve this answer








edited 5 hours ago

























answered 19 hours ago









John Keates

61549




61549












  • As described in the question there is already a solution in place to find the new IP address. Thus adding dynamic DNS would not really solve any problems. The problem as described is that the ssh server stops responding when the IP address changes. You haven't addressed that problem. VPN connections and reverse tunnels are OTOH expected to stop working when the IP changes, so you need something in place to restart those automatically.
    – kasperd
    6 hours ago


















  • As described in the question there is already a solution in place to find the new IP address. Thus adding dynamic DNS would not really solve any problems. The problem as described is that the ssh server stops responding when the IP address changes. You haven't addressed that problem. VPN connections and reverse tunnels are OTOH expected to stop working when the IP changes, so you need something in place to restart those automatically.
    – kasperd
    6 hours ago
















As described in the question there is already a solution in place to find the new IP address. Thus adding dynamic DNS would not really solve any problems. The problem as described is that the ssh server stops responding when the IP address changes. You haven't addressed that problem. VPN connections and reverse tunnels are OTOH expected to stop working when the IP changes, so you need something in place to restart those automatically.
– kasperd
6 hours ago




As described in the question there is already a solution in place to find the new IP address. Thus adding dynamic DNS would not really solve any problems. The problem as described is that the ssh server stops responding when the IP address changes. You haven't addressed that problem. VPN connections and reverse tunnels are OTOH expected to stop working when the IP changes, so you need something in place to restart those automatically.
– kasperd
6 hours ago












up vote
8
down vote













The other answers seem to have overlooked one thing in your question:




Once that happens, I'm no longer able to connect remotely even using the new IP address




DDNS will help you find out the new IP address, but that doesn't seem to be the problem here.



Unfortunately, the server getting a new IP should not be a problem in the standard setup where the ISP provides a router, the server has an internal address behind the router, and the router does the port forwarding. You might need to provide more information about the network topology to get a good answer.



What I could imagine is the server not being behind a router and doing its own PPPoE connection, and a) the ssh server binding to the specific interface address at the point of server restart, b) a firewall on the machine that permits incoming ssh to just the server's IP with the firewall not updating when the IP changes.



To check the first case, do a netstat -nta | grep -w 22 | grep LISTEN. If it says 0.0.0.0:22, that's ok; if it lists a specific IP, then check the sshd config file (/etc/sshd.conf) for ListenAddress.



To check the second case, do iptables -L -n and check if one of the rules in the INCOMING chain matches your server's IP and port 22.



If one of these has the current server address, you'll need to either change it to 0.0.0.0 (make sure you know about the security implications), or update the rule/configuration whenever the IP changes.



Edit



As the server is behind a router, the above ideas probably don't apply(*). In this setup, the router has an external IP (which changes daily), and your internal devices should have some 10.x.y.z or 192.168.x.y addresses which shouldn't change. You connect to the external address, and the router should a port-forwarding rule to the internal address.



This port forwarding shouldn't break when the external IP changes (existing ssh connections will be dropped however), but maybe it's a rule that wasn't setup by you, but by some UPNP magic, with the router dropping UPNP forwards when it gets a new address, and sshd only invoking the rule when it restarts. Did you set up a port forwarder within the router yourself.



Or, it's the internal IP of the server that changes - in that case, something is severely broken with your DHCP. Give your server a fixed internal address.



Or, are you using IPV6? There are some configurations where a device keeps changing its IP to make it less easy to track. See, for example, https://www.internetsociety.org/blog/2014/12/ipv6-privacy-addresses-provide-protection-against-surveillance-and-tracking/ - but in that case, shame on you for not mentioning it in your original post. This might mean your router not doing NAT at all, and my original ideas still being valid even behind a router.






share|improve this answer























  • +1 for being the first answer to actually address what was asked in the question.
    – kasperd
    6 hours ago










  • @Guntram Blohm Thanks for the answer! The server is behind a router. Would these two possibilities still hold true in that scenario? If so, I'll check them both in the next day or so when I can locally access the target machine.
    – Richard
    5 hours ago















up vote
8
down vote













The other answers seem to have overlooked one thing in your question:




Once that happens, I'm no longer able to connect remotely even using the new IP address




DDNS will help you find out the new IP address, but that doesn't seem to be the problem here.



Unfortunately, the server getting a new IP should not be a problem in the standard setup where the ISP provides a router, the server has an internal address behind the router, and the router does the port forwarding. You might need to provide more information about the network topology to get a good answer.



What I could imagine is the server not being behind a router and doing its own PPPoE connection, and a) the ssh server binding to the specific interface address at the point of server restart, b) a firewall on the machine that permits incoming ssh to just the server's IP with the firewall not updating when the IP changes.



To check the first case, do a netstat -nta | grep -w 22 | grep LISTEN. If it says 0.0.0.0:22, that's ok; if it lists a specific IP, then check the sshd config file (/etc/sshd.conf) for ListenAddress.



To check the second case, do iptables -L -n and check if one of the rules in the INCOMING chain matches your server's IP and port 22.



If one of these has the current server address, you'll need to either change it to 0.0.0.0 (make sure you know about the security implications), or update the rule/configuration whenever the IP changes.



Edit



As the server is behind a router, the above ideas probably don't apply(*). In this setup, the router has an external IP (which changes daily), and your internal devices should have some 10.x.y.z or 192.168.x.y addresses which shouldn't change. You connect to the external address, and the router should a port-forwarding rule to the internal address.



This port forwarding shouldn't break when the external IP changes (existing ssh connections will be dropped however), but maybe it's a rule that wasn't setup by you, but by some UPNP magic, with the router dropping UPNP forwards when it gets a new address, and sshd only invoking the rule when it restarts. Did you set up a port forwarder within the router yourself.



Or, it's the internal IP of the server that changes - in that case, something is severely broken with your DHCP. Give your server a fixed internal address.



Or, are you using IPV6? There are some configurations where a device keeps changing its IP to make it less easy to track. See, for example, https://www.internetsociety.org/blog/2014/12/ipv6-privacy-addresses-provide-protection-against-surveillance-and-tracking/ - but in that case, shame on you for not mentioning it in your original post. This might mean your router not doing NAT at all, and my original ideas still being valid even behind a router.






share|improve this answer























  • +1 for being the first answer to actually address what was asked in the question.
    – kasperd
    6 hours ago










  • @Guntram Blohm Thanks for the answer! The server is behind a router. Would these two possibilities still hold true in that scenario? If so, I'll check them both in the next day or so when I can locally access the target machine.
    – Richard
    5 hours ago













up vote
8
down vote










up vote
8
down vote









The other answers seem to have overlooked one thing in your question:




Once that happens, I'm no longer able to connect remotely even using the new IP address




DDNS will help you find out the new IP address, but that doesn't seem to be the problem here.



Unfortunately, the server getting a new IP should not be a problem in the standard setup where the ISP provides a router, the server has an internal address behind the router, and the router does the port forwarding. You might need to provide more information about the network topology to get a good answer.



What I could imagine is the server not being behind a router and doing its own PPPoE connection, and a) the ssh server binding to the specific interface address at the point of server restart, b) a firewall on the machine that permits incoming ssh to just the server's IP with the firewall not updating when the IP changes.



To check the first case, do a netstat -nta | grep -w 22 | grep LISTEN. If it says 0.0.0.0:22, that's ok; if it lists a specific IP, then check the sshd config file (/etc/sshd.conf) for ListenAddress.



To check the second case, do iptables -L -n and check if one of the rules in the INCOMING chain matches your server's IP and port 22.



If one of these has the current server address, you'll need to either change it to 0.0.0.0 (make sure you know about the security implications), or update the rule/configuration whenever the IP changes.



Edit



As the server is behind a router, the above ideas probably don't apply(*). In this setup, the router has an external IP (which changes daily), and your internal devices should have some 10.x.y.z or 192.168.x.y addresses which shouldn't change. You connect to the external address, and the router should a port-forwarding rule to the internal address.



This port forwarding shouldn't break when the external IP changes (existing ssh connections will be dropped however), but maybe it's a rule that wasn't setup by you, but by some UPNP magic, with the router dropping UPNP forwards when it gets a new address, and sshd only invoking the rule when it restarts. Did you set up a port forwarder within the router yourself.



Or, it's the internal IP of the server that changes - in that case, something is severely broken with your DHCP. Give your server a fixed internal address.



Or, are you using IPV6? There are some configurations where a device keeps changing its IP to make it less easy to track. See, for example, https://www.internetsociety.org/blog/2014/12/ipv6-privacy-addresses-provide-protection-against-surveillance-and-tracking/ - but in that case, shame on you for not mentioning it in your original post. This might mean your router not doing NAT at all, and my original ideas still being valid even behind a router.






share|improve this answer














The other answers seem to have overlooked one thing in your question:




Once that happens, I'm no longer able to connect remotely even using the new IP address




DDNS will help you find out the new IP address, but that doesn't seem to be the problem here.



Unfortunately, the server getting a new IP should not be a problem in the standard setup where the ISP provides a router, the server has an internal address behind the router, and the router does the port forwarding. You might need to provide more information about the network topology to get a good answer.



What I could imagine is the server not being behind a router and doing its own PPPoE connection, and a) the ssh server binding to the specific interface address at the point of server restart, b) a firewall on the machine that permits incoming ssh to just the server's IP with the firewall not updating when the IP changes.



To check the first case, do a netstat -nta | grep -w 22 | grep LISTEN. If it says 0.0.0.0:22, that's ok; if it lists a specific IP, then check the sshd config file (/etc/sshd.conf) for ListenAddress.



To check the second case, do iptables -L -n and check if one of the rules in the INCOMING chain matches your server's IP and port 22.



If one of these has the current server address, you'll need to either change it to 0.0.0.0 (make sure you know about the security implications), or update the rule/configuration whenever the IP changes.



Edit



As the server is behind a router, the above ideas probably don't apply(*). In this setup, the router has an external IP (which changes daily), and your internal devices should have some 10.x.y.z or 192.168.x.y addresses which shouldn't change. You connect to the external address, and the router should a port-forwarding rule to the internal address.



This port forwarding shouldn't break when the external IP changes (existing ssh connections will be dropped however), but maybe it's a rule that wasn't setup by you, but by some UPNP magic, with the router dropping UPNP forwards when it gets a new address, and sshd only invoking the rule when it restarts. Did you set up a port forwarder within the router yourself.



Or, it's the internal IP of the server that changes - in that case, something is severely broken with your DHCP. Give your server a fixed internal address.



Or, are you using IPV6? There are some configurations where a device keeps changing its IP to make it less easy to track. See, for example, https://www.internetsociety.org/blog/2014/12/ipv6-privacy-addresses-provide-protection-against-surveillance-and-tracking/ - but in that case, shame on you for not mentioning it in your original post. This might mean your router not doing NAT at all, and my original ideas still being valid even behind a router.







share|improve this answer














share|improve this answer



share|improve this answer








edited 3 hours ago

























answered 14 hours ago









Guntram Blohm

32915




32915












  • +1 for being the first answer to actually address what was asked in the question.
    – kasperd
    6 hours ago










  • @Guntram Blohm Thanks for the answer! The server is behind a router. Would these two possibilities still hold true in that scenario? If so, I'll check them both in the next day or so when I can locally access the target machine.
    – Richard
    5 hours ago


















  • +1 for being the first answer to actually address what was asked in the question.
    – kasperd
    6 hours ago










  • @Guntram Blohm Thanks for the answer! The server is behind a router. Would these two possibilities still hold true in that scenario? If so, I'll check them both in the next day or so when I can locally access the target machine.
    – Richard
    5 hours ago
















+1 for being the first answer to actually address what was asked in the question.
– kasperd
6 hours ago




+1 for being the first answer to actually address what was asked in the question.
– kasperd
6 hours ago












@Guntram Blohm Thanks for the answer! The server is behind a router. Would these two possibilities still hold true in that scenario? If so, I'll check them both in the next day or so when I can locally access the target machine.
– Richard
5 hours ago




@Guntram Blohm Thanks for the answer! The server is behind a router. Would these two possibilities still hold true in that scenario? If so, I'll check them both in the next day or so when I can locally access the target machine.
– Richard
5 hours ago










up vote
7
down vote













You should really look into ddns services.
As far as remotely being able to connect to a certain machine with dynamic ip address; ddns is the most commonly used solution.



head over to https://noip.com and signup for an account (it's, errr... supposedly..coff..cof .. Free for 1-3 machines running on the same network(if im not mistaken, dont quote me here: its been a while since ive trusted any of these 'free' services... ).
There are also other alternatives such as Afraid DNS (https://freedns.afraid.org/
And even, Cisco's, Open DNS : could also be utilized (provided that this is not you're only client, i'd suggest you sign up for an umbrella account trial, take it for a spin and later sign-up for the real deal >>> they even got one of them GUI-like downloadable extensions which would automatically renew the the ddns hostname
whenever your clients ip change. It really is, the easiest, non-tech savvy way that i'm aware of[just in case you gotta call up one of your clients and ask'm to download the GUI rather .... ])






share|improve this answer








New contributor




dotbiggie is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.














  • 1




    While this is certainly helpful for accessing a host on changing IP addresses, that isn't what the question is asking about. The question is why the ssh server stops responding when the IP address changes and how to fix that. A dynamic DNS service does not address that.
    – kasperd
    22 hours ago















up vote
7
down vote













You should really look into ddns services.
As far as remotely being able to connect to a certain machine with dynamic ip address; ddns is the most commonly used solution.



head over to https://noip.com and signup for an account (it's, errr... supposedly..coff..cof .. Free for 1-3 machines running on the same network(if im not mistaken, dont quote me here: its been a while since ive trusted any of these 'free' services... ).
There are also other alternatives such as Afraid DNS (https://freedns.afraid.org/
And even, Cisco's, Open DNS : could also be utilized (provided that this is not you're only client, i'd suggest you sign up for an umbrella account trial, take it for a spin and later sign-up for the real deal >>> they even got one of them GUI-like downloadable extensions which would automatically renew the the ddns hostname
whenever your clients ip change. It really is, the easiest, non-tech savvy way that i'm aware of[just in case you gotta call up one of your clients and ask'm to download the GUI rather .... ])






share|improve this answer








New contributor




dotbiggie is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.














  • 1




    While this is certainly helpful for accessing a host on changing IP addresses, that isn't what the question is asking about. The question is why the ssh server stops responding when the IP address changes and how to fix that. A dynamic DNS service does not address that.
    – kasperd
    22 hours ago













up vote
7
down vote










up vote
7
down vote









You should really look into ddns services.
As far as remotely being able to connect to a certain machine with dynamic ip address; ddns is the most commonly used solution.



head over to https://noip.com and signup for an account (it's, errr... supposedly..coff..cof .. Free for 1-3 machines running on the same network(if im not mistaken, dont quote me here: its been a while since ive trusted any of these 'free' services... ).
There are also other alternatives such as Afraid DNS (https://freedns.afraid.org/
And even, Cisco's, Open DNS : could also be utilized (provided that this is not you're only client, i'd suggest you sign up for an umbrella account trial, take it for a spin and later sign-up for the real deal >>> they even got one of them GUI-like downloadable extensions which would automatically renew the the ddns hostname
whenever your clients ip change. It really is, the easiest, non-tech savvy way that i'm aware of[just in case you gotta call up one of your clients and ask'm to download the GUI rather .... ])






share|improve this answer








New contributor




dotbiggie is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.









You should really look into ddns services.
As far as remotely being able to connect to a certain machine with dynamic ip address; ddns is the most commonly used solution.



head over to https://noip.com and signup for an account (it's, errr... supposedly..coff..cof .. Free for 1-3 machines running on the same network(if im not mistaken, dont quote me here: its been a while since ive trusted any of these 'free' services... ).
There are also other alternatives such as Afraid DNS (https://freedns.afraid.org/
And even, Cisco's, Open DNS : could also be utilized (provided that this is not you're only client, i'd suggest you sign up for an umbrella account trial, take it for a spin and later sign-up for the real deal >>> they even got one of them GUI-like downloadable extensions which would automatically renew the the ddns hostname
whenever your clients ip change. It really is, the easiest, non-tech savvy way that i'm aware of[just in case you gotta call up one of your clients and ask'm to download the GUI rather .... ])







share|improve this answer








New contributor




dotbiggie is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.









share|improve this answer



share|improve this answer






New contributor




dotbiggie is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.









answered 23 hours ago









dotbiggie

713




713




New contributor




dotbiggie is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.





New contributor





dotbiggie is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.






dotbiggie is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.








  • 1




    While this is certainly helpful for accessing a host on changing IP addresses, that isn't what the question is asking about. The question is why the ssh server stops responding when the IP address changes and how to fix that. A dynamic DNS service does not address that.
    – kasperd
    22 hours ago














  • 1




    While this is certainly helpful for accessing a host on changing IP addresses, that isn't what the question is asking about. The question is why the ssh server stops responding when the IP address changes and how to fix that. A dynamic DNS service does not address that.
    – kasperd
    22 hours ago








1




1




While this is certainly helpful for accessing a host on changing IP addresses, that isn't what the question is asking about. The question is why the ssh server stops responding when the IP address changes and how to fix that. A dynamic DNS service does not address that.
– kasperd
22 hours ago




While this is certainly helpful for accessing a host on changing IP addresses, that isn't what the question is asking about. The question is why the ssh server stops responding when the IP address changes and how to fix that. A dynamic DNS service does not address that.
– kasperd
22 hours ago










up vote
3
down vote














I'm able to setup SSH, and it works both locally and remotely... until
the IP address changes. Once that happens, I'm no longer able to
connect remotely even using the new IP address.




Sometimes, it takes a while for DHCP changes to take effect. Try to recycle the DHCP client on the target machine



$> sudo dhclient -r
$> sudo dhclient



Do I need to restart the service every time the IP address changes?
If so, why?



No. You only need to recycle your ssh service when the configuration changes (/etc/ssh/sshd_conf).




Is there any other action I need to take when the IP address changes in order to allow SSH access?




No.



I have a solution that assumes you have sendmail set up on your target machine.



This script sends an email that shows the IP address that the world thinks we have (Thanks ipify.org). Email will always have the most current IP address.




  1. Create dhcp-notify bash script (without the .sh extension)


  2. Put the script in /etc/dhcp/dhclient-exit-hooks.d



    #!/bin/sh
    case "$reason" in (BOUND|RENEW|REBIND|REBOOT)
    (
    echo To: me@my.email
    echo From: me@my.email
    echo "Content-Type: text/html; "
    echo Subject: DHCP reason: $reason
    echo
    echo Your IP address is: `curl -s https://api.ipify.org`
    ) | sendmail -t
    ;;
    esac



If this doesn't work, you could always set up a cron to send you the current IP address (lose the case statement).



#!/bin/sh
(
echo To: me@my.email
echo From: me@my.email
echo "Content-Type: text/html; "
echo Subject: IP address change
echo
echo Your IP address is: `curl -s https://api.ipify.org`
) | sendmail -t





share|improve this answer










New contributor




karlchilders is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.


















  • I was just about to suggest this, it's a great idea, and the first thing which came to mind when I read the question. Also, if you're having issues with api.ipify.org (it's blocked on my school network for some reason), you can use this other site which I made a few months previously which does the same thing: findip.win
    – rahuldottech
    12 hours ago












  • @karlchilders Thanks for the answer! I already have a cron script reporting the ip address to me, but I had no idea about dhclient hooks. That is awesome! I would much rather only have the IP reported when it actually changes. Question: If this script is able to work and report the IP address, why would recycling dhclient have an effect on SSH access?
    – Richard
    5 hours ago












  • @karlchilders Or does this script only work when you manually recycle dhclient?
    – Richard
    5 hours ago















up vote
3
down vote














I'm able to setup SSH, and it works both locally and remotely... until
the IP address changes. Once that happens, I'm no longer able to
connect remotely even using the new IP address.




Sometimes, it takes a while for DHCP changes to take effect. Try to recycle the DHCP client on the target machine



$> sudo dhclient -r
$> sudo dhclient



Do I need to restart the service every time the IP address changes?
If so, why?



No. You only need to recycle your ssh service when the configuration changes (/etc/ssh/sshd_conf).




Is there any other action I need to take when the IP address changes in order to allow SSH access?




No.



I have a solution that assumes you have sendmail set up on your target machine.



This script sends an email that shows the IP address that the world thinks we have (Thanks ipify.org). Email will always have the most current IP address.




  1. Create dhcp-notify bash script (without the .sh extension)


  2. Put the script in /etc/dhcp/dhclient-exit-hooks.d



    #!/bin/sh
    case "$reason" in (BOUND|RENEW|REBIND|REBOOT)
    (
    echo To: me@my.email
    echo From: me@my.email
    echo "Content-Type: text/html; "
    echo Subject: DHCP reason: $reason
    echo
    echo Your IP address is: `curl -s https://api.ipify.org`
    ) | sendmail -t
    ;;
    esac



If this doesn't work, you could always set up a cron to send you the current IP address (lose the case statement).



#!/bin/sh
(
echo To: me@my.email
echo From: me@my.email
echo "Content-Type: text/html; "
echo Subject: IP address change
echo
echo Your IP address is: `curl -s https://api.ipify.org`
) | sendmail -t





share|improve this answer










New contributor




karlchilders is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.


















  • I was just about to suggest this, it's a great idea, and the first thing which came to mind when I read the question. Also, if you're having issues with api.ipify.org (it's blocked on my school network for some reason), you can use this other site which I made a few months previously which does the same thing: findip.win
    – rahuldottech
    12 hours ago












  • @karlchilders Thanks for the answer! I already have a cron script reporting the ip address to me, but I had no idea about dhclient hooks. That is awesome! I would much rather only have the IP reported when it actually changes. Question: If this script is able to work and report the IP address, why would recycling dhclient have an effect on SSH access?
    – Richard
    5 hours ago












  • @karlchilders Or does this script only work when you manually recycle dhclient?
    – Richard
    5 hours ago













up vote
3
down vote










up vote
3
down vote










I'm able to setup SSH, and it works both locally and remotely... until
the IP address changes. Once that happens, I'm no longer able to
connect remotely even using the new IP address.




Sometimes, it takes a while for DHCP changes to take effect. Try to recycle the DHCP client on the target machine



$> sudo dhclient -r
$> sudo dhclient



Do I need to restart the service every time the IP address changes?
If so, why?



No. You only need to recycle your ssh service when the configuration changes (/etc/ssh/sshd_conf).




Is there any other action I need to take when the IP address changes in order to allow SSH access?




No.



I have a solution that assumes you have sendmail set up on your target machine.



This script sends an email that shows the IP address that the world thinks we have (Thanks ipify.org). Email will always have the most current IP address.




  1. Create dhcp-notify bash script (without the .sh extension)


  2. Put the script in /etc/dhcp/dhclient-exit-hooks.d



    #!/bin/sh
    case "$reason" in (BOUND|RENEW|REBIND|REBOOT)
    (
    echo To: me@my.email
    echo From: me@my.email
    echo "Content-Type: text/html; "
    echo Subject: DHCP reason: $reason
    echo
    echo Your IP address is: `curl -s https://api.ipify.org`
    ) | sendmail -t
    ;;
    esac



If this doesn't work, you could always set up a cron to send you the current IP address (lose the case statement).



#!/bin/sh
(
echo To: me@my.email
echo From: me@my.email
echo "Content-Type: text/html; "
echo Subject: IP address change
echo
echo Your IP address is: `curl -s https://api.ipify.org`
) | sendmail -t





share|improve this answer










New contributor




karlchilders is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.










I'm able to setup SSH, and it works both locally and remotely... until
the IP address changes. Once that happens, I'm no longer able to
connect remotely even using the new IP address.




Sometimes, it takes a while for DHCP changes to take effect. Try to recycle the DHCP client on the target machine



$> sudo dhclient -r
$> sudo dhclient



Do I need to restart the service every time the IP address changes?
If so, why?



No. You only need to recycle your ssh service when the configuration changes (/etc/ssh/sshd_conf).




Is there any other action I need to take when the IP address changes in order to allow SSH access?




No.



I have a solution that assumes you have sendmail set up on your target machine.



This script sends an email that shows the IP address that the world thinks we have (Thanks ipify.org). Email will always have the most current IP address.




  1. Create dhcp-notify bash script (without the .sh extension)


  2. Put the script in /etc/dhcp/dhclient-exit-hooks.d



    #!/bin/sh
    case "$reason" in (BOUND|RENEW|REBIND|REBOOT)
    (
    echo To: me@my.email
    echo From: me@my.email
    echo "Content-Type: text/html; "
    echo Subject: DHCP reason: $reason
    echo
    echo Your IP address is: `curl -s https://api.ipify.org`
    ) | sendmail -t
    ;;
    esac



If this doesn't work, you could always set up a cron to send you the current IP address (lose the case statement).



#!/bin/sh
(
echo To: me@my.email
echo From: me@my.email
echo "Content-Type: text/html; "
echo Subject: IP address change
echo
echo Your IP address is: `curl -s https://api.ipify.org`
) | sendmail -t






share|improve this answer










New contributor




karlchilders is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.









share|improve this answer



share|improve this answer








edited 9 hours ago









alexander.polomodov

1,1282612




1,1282612






New contributor




karlchilders is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.









answered 15 hours ago









karlchilders

312




312




New contributor




karlchilders is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.





New contributor





karlchilders is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.






karlchilders is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.












  • I was just about to suggest this, it's a great idea, and the first thing which came to mind when I read the question. Also, if you're having issues with api.ipify.org (it's blocked on my school network for some reason), you can use this other site which I made a few months previously which does the same thing: findip.win
    – rahuldottech
    12 hours ago












  • @karlchilders Thanks for the answer! I already have a cron script reporting the ip address to me, but I had no idea about dhclient hooks. That is awesome! I would much rather only have the IP reported when it actually changes. Question: If this script is able to work and report the IP address, why would recycling dhclient have an effect on SSH access?
    – Richard
    5 hours ago












  • @karlchilders Or does this script only work when you manually recycle dhclient?
    – Richard
    5 hours ago


















  • I was just about to suggest this, it's a great idea, and the first thing which came to mind when I read the question. Also, if you're having issues with api.ipify.org (it's blocked on my school network for some reason), you can use this other site which I made a few months previously which does the same thing: findip.win
    – rahuldottech
    12 hours ago












  • @karlchilders Thanks for the answer! I already have a cron script reporting the ip address to me, but I had no idea about dhclient hooks. That is awesome! I would much rather only have the IP reported when it actually changes. Question: If this script is able to work and report the IP address, why would recycling dhclient have an effect on SSH access?
    – Richard
    5 hours ago












  • @karlchilders Or does this script only work when you manually recycle dhclient?
    – Richard
    5 hours ago
















I was just about to suggest this, it's a great idea, and the first thing which came to mind when I read the question. Also, if you're having issues with api.ipify.org (it's blocked on my school network for some reason), you can use this other site which I made a few months previously which does the same thing: findip.win
– rahuldottech
12 hours ago






I was just about to suggest this, it's a great idea, and the first thing which came to mind when I read the question. Also, if you're having issues with api.ipify.org (it's blocked on my school network for some reason), you can use this other site which I made a few months previously which does the same thing: findip.win
– rahuldottech
12 hours ago














@karlchilders Thanks for the answer! I already have a cron script reporting the ip address to me, but I had no idea about dhclient hooks. That is awesome! I would much rather only have the IP reported when it actually changes. Question: If this script is able to work and report the IP address, why would recycling dhclient have an effect on SSH access?
– Richard
5 hours ago






@karlchilders Thanks for the answer! I already have a cron script reporting the ip address to me, but I had no idea about dhclient hooks. That is awesome! I would much rather only have the IP reported when it actually changes. Question: If this script is able to work and report the IP address, why would recycling dhclient have an effect on SSH access?
– Richard
5 hours ago














@karlchilders Or does this script only work when you manually recycle dhclient?
– Richard
5 hours ago




@karlchilders Or does this script only work when you manually recycle dhclient?
– Richard
5 hours ago










up vote
1
down vote













What I've been doing for almost a year.
I ran into your problem in January this year while giving a speech at my local university.



This script has been running on my machine ever since then:
//Pretty much self-explanatory//



import smtplib
from requests import get
import time

user = 'exampleemail@gmail.com'
psd = 'examplepassword'
msg = 'Hey, your ip has changed! Use this one from now on: '
currip = '0.0.0.0' # It'll send an email the first time you execute this aswell
while True:
newip = get('https://api.ipify.org').text
if currip == newip:
print("nonewip")
#You can just comment the line above this one if you want to
else:
tmpmsg = "n"+msg + newip +" The old one used to be: "+currip
currip = newip
server = smtplib.SMTP('smtp.gmail.com', 587)
server.connect('smtp.gmail.com')
server.ehlo()
server.starttls()
server.ehlo()
server.login(user,psd)
#You can change the second parameter, use ('from','to','message')
server.sendmail(user, user, tmpmsg)

server.quit()
with open('/home/pi/DEV/iphistory.txt', 'a') as f:
f.write('newip: '+currip+'n')
f.close()
print('New IP Found: '+tmpmsg)
time.sleep(7200)


Python 3.x should work flawlessly
Maybe not the best solution out there, but it works.



You'll get an email in your Inbox each time the machine's public IP changes.



Now, regarding your questions:



Do I need to restart the service every time the IP address changes?
If by restarting the service you mean re-establishing the ssh connection, yes.



If so, why?
Because if the address you're trying to communicate with no longer provides the service you're looking for. It's not your machine anymore.



Is there any other action I need to take when the IP address changes in order to allow SSH access?
Just SSH to the new address.



Cheers!
JSR






share|improve this answer










New contributor




JSR is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.


















  • Thanks for the answer @JSR! I have actually written a similar script to report the IP address to me. But once it changes, even knowing the new IP address, I'm unable to SSH into the remote machine. Have you encountered that issue?
    – Richard
    5 hours ago










  • Are you sure you're retrieving the right address? if so, try to ping at it once you get the IP. I've never seen that issue before Also, just in case you didn't know, you can run the script on background with "python3 scriptname.py &" Also, check the forwarding ports of the router, I assume the local IP doesn't change, but still it's worth checking out.
    – JSR
    5 hours ago












  • Yes, the IP is correct. If I restart the SSH service on the target machine, I'm able to connect again. But I don't understand why that should be the case.
    – Richard
    5 hours ago















up vote
1
down vote













What I've been doing for almost a year.
I ran into your problem in January this year while giving a speech at my local university.



This script has been running on my machine ever since then:
//Pretty much self-explanatory//



import smtplib
from requests import get
import time

user = 'exampleemail@gmail.com'
psd = 'examplepassword'
msg = 'Hey, your ip has changed! Use this one from now on: '
currip = '0.0.0.0' # It'll send an email the first time you execute this aswell
while True:
newip = get('https://api.ipify.org').text
if currip == newip:
print("nonewip")
#You can just comment the line above this one if you want to
else:
tmpmsg = "n"+msg + newip +" The old one used to be: "+currip
currip = newip
server = smtplib.SMTP('smtp.gmail.com', 587)
server.connect('smtp.gmail.com')
server.ehlo()
server.starttls()
server.ehlo()
server.login(user,psd)
#You can change the second parameter, use ('from','to','message')
server.sendmail(user, user, tmpmsg)

server.quit()
with open('/home/pi/DEV/iphistory.txt', 'a') as f:
f.write('newip: '+currip+'n')
f.close()
print('New IP Found: '+tmpmsg)
time.sleep(7200)


Python 3.x should work flawlessly
Maybe not the best solution out there, but it works.



You'll get an email in your Inbox each time the machine's public IP changes.



Now, regarding your questions:



Do I need to restart the service every time the IP address changes?
If by restarting the service you mean re-establishing the ssh connection, yes.



If so, why?
Because if the address you're trying to communicate with no longer provides the service you're looking for. It's not your machine anymore.



Is there any other action I need to take when the IP address changes in order to allow SSH access?
Just SSH to the new address.



Cheers!
JSR






share|improve this answer










New contributor




JSR is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.


















  • Thanks for the answer @JSR! I have actually written a similar script to report the IP address to me. But once it changes, even knowing the new IP address, I'm unable to SSH into the remote machine. Have you encountered that issue?
    – Richard
    5 hours ago










  • Are you sure you're retrieving the right address? if so, try to ping at it once you get the IP. I've never seen that issue before Also, just in case you didn't know, you can run the script on background with "python3 scriptname.py &" Also, check the forwarding ports of the router, I assume the local IP doesn't change, but still it's worth checking out.
    – JSR
    5 hours ago












  • Yes, the IP is correct. If I restart the SSH service on the target machine, I'm able to connect again. But I don't understand why that should be the case.
    – Richard
    5 hours ago













up vote
1
down vote










up vote
1
down vote









What I've been doing for almost a year.
I ran into your problem in January this year while giving a speech at my local university.



This script has been running on my machine ever since then:
//Pretty much self-explanatory//



import smtplib
from requests import get
import time

user = 'exampleemail@gmail.com'
psd = 'examplepassword'
msg = 'Hey, your ip has changed! Use this one from now on: '
currip = '0.0.0.0' # It'll send an email the first time you execute this aswell
while True:
newip = get('https://api.ipify.org').text
if currip == newip:
print("nonewip")
#You can just comment the line above this one if you want to
else:
tmpmsg = "n"+msg + newip +" The old one used to be: "+currip
currip = newip
server = smtplib.SMTP('smtp.gmail.com', 587)
server.connect('smtp.gmail.com')
server.ehlo()
server.starttls()
server.ehlo()
server.login(user,psd)
#You can change the second parameter, use ('from','to','message')
server.sendmail(user, user, tmpmsg)

server.quit()
with open('/home/pi/DEV/iphistory.txt', 'a') as f:
f.write('newip: '+currip+'n')
f.close()
print('New IP Found: '+tmpmsg)
time.sleep(7200)


Python 3.x should work flawlessly
Maybe not the best solution out there, but it works.



You'll get an email in your Inbox each time the machine's public IP changes.



Now, regarding your questions:



Do I need to restart the service every time the IP address changes?
If by restarting the service you mean re-establishing the ssh connection, yes.



If so, why?
Because if the address you're trying to communicate with no longer provides the service you're looking for. It's not your machine anymore.



Is there any other action I need to take when the IP address changes in order to allow SSH access?
Just SSH to the new address.



Cheers!
JSR






share|improve this answer










New contributor




JSR is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.









What I've been doing for almost a year.
I ran into your problem in January this year while giving a speech at my local university.



This script has been running on my machine ever since then:
//Pretty much self-explanatory//



import smtplib
from requests import get
import time

user = 'exampleemail@gmail.com'
psd = 'examplepassword'
msg = 'Hey, your ip has changed! Use this one from now on: '
currip = '0.0.0.0' # It'll send an email the first time you execute this aswell
while True:
newip = get('https://api.ipify.org').text
if currip == newip:
print("nonewip")
#You can just comment the line above this one if you want to
else:
tmpmsg = "n"+msg + newip +" The old one used to be: "+currip
currip = newip
server = smtplib.SMTP('smtp.gmail.com', 587)
server.connect('smtp.gmail.com')
server.ehlo()
server.starttls()
server.ehlo()
server.login(user,psd)
#You can change the second parameter, use ('from','to','message')
server.sendmail(user, user, tmpmsg)

server.quit()
with open('/home/pi/DEV/iphistory.txt', 'a') as f:
f.write('newip: '+currip+'n')
f.close()
print('New IP Found: '+tmpmsg)
time.sleep(7200)


Python 3.x should work flawlessly
Maybe not the best solution out there, but it works.



You'll get an email in your Inbox each time the machine's public IP changes.



Now, regarding your questions:



Do I need to restart the service every time the IP address changes?
If by restarting the service you mean re-establishing the ssh connection, yes.



If so, why?
Because if the address you're trying to communicate with no longer provides the service you're looking for. It's not your machine anymore.



Is there any other action I need to take when the IP address changes in order to allow SSH access?
Just SSH to the new address.



Cheers!
JSR







share|improve this answer










New contributor




JSR is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.









share|improve this answer



share|improve this answer








edited 5 hours ago





















New contributor




JSR is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.









answered 5 hours ago









JSR

112




112




New contributor




JSR is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.





New contributor





JSR is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.






JSR is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.












  • Thanks for the answer @JSR! I have actually written a similar script to report the IP address to me. But once it changes, even knowing the new IP address, I'm unable to SSH into the remote machine. Have you encountered that issue?
    – Richard
    5 hours ago










  • Are you sure you're retrieving the right address? if so, try to ping at it once you get the IP. I've never seen that issue before Also, just in case you didn't know, you can run the script on background with "python3 scriptname.py &" Also, check the forwarding ports of the router, I assume the local IP doesn't change, but still it's worth checking out.
    – JSR
    5 hours ago












  • Yes, the IP is correct. If I restart the SSH service on the target machine, I'm able to connect again. But I don't understand why that should be the case.
    – Richard
    5 hours ago


















  • Thanks for the answer @JSR! I have actually written a similar script to report the IP address to me. But once it changes, even knowing the new IP address, I'm unable to SSH into the remote machine. Have you encountered that issue?
    – Richard
    5 hours ago










  • Are you sure you're retrieving the right address? if so, try to ping at it once you get the IP. I've never seen that issue before Also, just in case you didn't know, you can run the script on background with "python3 scriptname.py &" Also, check the forwarding ports of the router, I assume the local IP doesn't change, but still it's worth checking out.
    – JSR
    5 hours ago












  • Yes, the IP is correct. If I restart the SSH service on the target machine, I'm able to connect again. But I don't understand why that should be the case.
    – Richard
    5 hours ago
















Thanks for the answer @JSR! I have actually written a similar script to report the IP address to me. But once it changes, even knowing the new IP address, I'm unable to SSH into the remote machine. Have you encountered that issue?
– Richard
5 hours ago




Thanks for the answer @JSR! I have actually written a similar script to report the IP address to me. But once it changes, even knowing the new IP address, I'm unable to SSH into the remote machine. Have you encountered that issue?
– Richard
5 hours ago












Are you sure you're retrieving the right address? if so, try to ping at it once you get the IP. I've never seen that issue before Also, just in case you didn't know, you can run the script on background with "python3 scriptname.py &" Also, check the forwarding ports of the router, I assume the local IP doesn't change, but still it's worth checking out.
– JSR
5 hours ago






Are you sure you're retrieving the right address? if so, try to ping at it once you get the IP. I've never seen that issue before Also, just in case you didn't know, you can run the script on background with "python3 scriptname.py &" Also, check the forwarding ports of the router, I assume the local IP doesn't change, but still it's worth checking out.
– JSR
5 hours ago














Yes, the IP is correct. If I restart the SSH service on the target machine, I'm able to connect again. But I don't understand why that should be the case.
– Richard
5 hours ago




Yes, the IP is correct. If I restart the SSH service on the target machine, I'm able to connect again. But I don't understand why that should be the case.
– Richard
5 hours ago










up vote
0
down vote













Thinking outside the box - could you arrange a fixed IPv6 address? It's usually only IPv4 addresses that need to change, due to their scarcity.






share|improve this answer





















  • The IP address that I pull down is actually IPv6 every time.
    – Richard
    3 hours ago










  • @Richard: Sorry to hear it doesn't work for you. I'll leave the answer up for other people who have this problem with IPv4.
    – MSalters
    3 hours ago















up vote
0
down vote













Thinking outside the box - could you arrange a fixed IPv6 address? It's usually only IPv4 addresses that need to change, due to their scarcity.






share|improve this answer





















  • The IP address that I pull down is actually IPv6 every time.
    – Richard
    3 hours ago










  • @Richard: Sorry to hear it doesn't work for you. I'll leave the answer up for other people who have this problem with IPv4.
    – MSalters
    3 hours ago













up vote
0
down vote










up vote
0
down vote









Thinking outside the box - could you arrange a fixed IPv6 address? It's usually only IPv4 addresses that need to change, due to their scarcity.






share|improve this answer












Thinking outside the box - could you arrange a fixed IPv6 address? It's usually only IPv4 addresses that need to change, due to their scarcity.







share|improve this answer












share|improve this answer



share|improve this answer










answered 4 hours ago









MSalters

58546




58546












  • The IP address that I pull down is actually IPv6 every time.
    – Richard
    3 hours ago










  • @Richard: Sorry to hear it doesn't work for you. I'll leave the answer up for other people who have this problem with IPv4.
    – MSalters
    3 hours ago


















  • The IP address that I pull down is actually IPv6 every time.
    – Richard
    3 hours ago










  • @Richard: Sorry to hear it doesn't work for you. I'll leave the answer up for other people who have this problem with IPv4.
    – MSalters
    3 hours ago
















The IP address that I pull down is actually IPv6 every time.
– Richard
3 hours ago




The IP address that I pull down is actually IPv6 every time.
– Richard
3 hours ago












@Richard: Sorry to hear it doesn't work for you. I'll leave the answer up for other people who have this problem with IPv4.
– MSalters
3 hours ago




@Richard: Sorry to hear it doesn't work for you. I'll leave the answer up for other people who have this problem with IPv4.
– MSalters
3 hours ago


















 

draft saved


draft discarded



















































 


draft saved


draft discarded














StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fserverfault.com%2fquestions%2f939722%2fhow-to-connect-to-a-linux-machine-that-changes-ip-regularly%23new-answer', 'question_page');
}
);

Post as a guest




















































































Popular posts from this blog

Сан-Квентин

8-я гвардейская общевойсковая армия

Алькесар