ITdojo’s v6 Vertex #2: Forcing ssh to use IPv6

v6 Vertex – Quick Tips & Pointers for IPv6 Users

ITdojo’s v6 Vertex is an ever-expanding set of quick tips and useful advice for using IPv6 in your network.

SSH use is daily and ubiquitous. In our increasingly mixed IPv4/IPv6 world we need to be conscious of the ways in which we are connecting (or not connecting) to our devices.

There are a few ways in which you will connect to your remote devices via SSH. They include:

  • By using the actual IP address (v4 or v6). This option doesn’t require much discussion. the type of IP address you enter (4 or 6) will determine the protocol you use.
    • Example: ssh 2001:db8::1234
    • Example: ssh 131.107.1.1
  • Using a NetBIOS name you can do a local broadcast or WINS query (Microsoft). This will give you IPv4 addresses only. IPv6 and NetBIOS don’t go together.
    • Example: ssh computer1
    • Note: Microsoft does not have a built-in ssh client.  It is one of the great mysteries of our time as to why they won’t embrace something so commonly used.
    • Another note: How your device is configured may vary the way in which this is resolved. It could get your system’s DNS suffix appended and be sent to DNS rather than broadcast on the local LAN or, perish the thought, sent to a WINS server. No, I have not forgotten the hosts file or the LMHOSTS file. I’m just ignoring them for the moment.
  • DNS query. This could return either an A record (IPv4), an AAAA record (IPv6), or both. This depends on your network. If you get both, most modern systems will prefer the AAAA record or use the “Happy Eyeballs” technique to connect to whichever responds first.
    • Example: ssh <fully-qualified-domain-name>
  • Multicast name resolution (mDNS, ZeroConf, SSDP, Bonjour, Avahi, etc.). Like DNS, this could return either an A record or an AAAA record, depending on the nodes in your network.

So how do you force your ssh connection to use IPv6 or IPv4 when both are returned? You can remove the potential unpredictability from the equation by simply using the -4 or -6 argument when executing the ssh command (Linux and Mac OS X). Note that this simple argument applies to a lot of other network utilities on your system.

  • Using ssh   <hostname> will connect via either IPv4 or IPv6, whichever happens to be resolved on your network.
  • Using ssh  -4  <hostname> will force the system to use IPv4 for the connection.
  • Using ssh  -6  <hostname> will force the system to use IPv6 for the connection.

Cheers,

Colin Weaver
colin@itdojo.com
www.itdojo.com

Colin Weaver is co-owner and lead instructor at ITdojo, Inc., a network security and information assurance training center and consulting firm located in Virginia Beach, VA. His passion for technology, networks, and security has led him to become enthralled with the idea of IPv6 and its implementation. In this blog he will share with you glimpses of what he has learned and a hint at what you’ll learn in his classes. Visit https://www.itdojo.com to learn more about ITdojo IPv6 course offerings.
About the Author

Colin Weaver

Colin Weaver is co-owner and lead instructor at ITdojo, Inc., a network security and information assurance training center and consulting firm located in Virginia Beach, VA. His passion for technology, networks, and security has led him to become enthralled with the idea of IPv6 and its implementation. In this blog he will share with you glimpses of what he has learned and a hint at what you’ll learn in his classes.