We have already learned how to set a static IP address for a Linux system, as well as how to configure multiple IP addresses on a Linux system. In this guide, we will learn how to assign the IP address to a remote Linux system via using the nmcli command.
There are a number of reasons why you might need to change the IP address of a remote Linux system. Some common reasons include:
- To comply with network policies: Many organizations have policies that require all devices on their network to have a specific IP address range. If a remote Linux system is not in compliance with these policies, you may need to change its IP address.
- To troubleshoot network problems: If a remote Linux system is having network problems, changing its IP address can sometimes help to resolve the issue.
- To migrate the system to a new network: If you are migrating a remote Linux system to a new network, you will need to change its IP address to match the new network's address range.
- To improve security: Changing the IP address of a remote Linux system can make it more difficult for attackers to find and target it.
Regardless of the reasons, if you ever find yourself needing to change a remote Linux system's IP address, it can be easily accomplished using the nmcli
command.
Table of Contents
Assign IP Address to a Remote Linux System using nmcli Command
As you may already know, we can run commands on a remote Linux system using SSH, making it easier for us to manage remote Linux systems efficiently and flexibly.
Before assigning the IP address of a remote Linux system using nmcli
, first we need to find the network interface of that system. To do so, run:
$ ssh ostechnix@192.168.1.40 'nmcli con show'
Replace the username and IP address with your own.
Sample Output:
NAME UUID TYPE DEVICE Wired connection 1 60e8eaf3-89f9-3e9f-9919-1944e7abee20 ethernet ens18
As you see in the output above, the network connection name is 'Wired connection 1
'.
Now, let us change the IP address using command:
$ ssh -t ostechnix@192.168.1.40 "sudo nmcli con modify 'Wired connection 1' ipv4.address 192.168.1.50/24"
Here, the -t
flag with ssh forces it to allocate a pseudo-terminal, which allows sudo to prompt for a password. When you run this command, ssh should prompt you for the remote user's password (if required), and then sudo will prompt for the password on the remote machine. In other words, you will be prompted to enter the password of your remote user twice.
Here is the complete break down of the above command.
ssh
: This is the Secure Shell command, which is used to establish a secure connection to the remote machine.-t
: This option forces pseudo-terminal allocation. It's used here to make sure that a terminal is allocated on the remote side, which allowssudo
to prompt for a password if needed.ostechnix@192.168.1.40
: This specifies the remote user and host you're connecting to. Replaceostechnix
with the actual username and192.168.1.40
with your remote system's IP address."sudo nmcli con modify 'Wired connection 1' ipv4.address 192.168.1.50/24"
: This is the command that's executed on the remote machine after establishing the SSH connection.sudo
: Runs the following command as a superuser (or another user), assuming theuser
has the necessary permissions.nmcli
: NetworkManager Command Line Interface, a tool for controlling NetworkManager (which is a daemon that manages network settings on many Linux distributions).con modify
: This option is used to modify the settings of a specific network connection.'Wired connection 1'
: The name of the network connection you want to modify. It's enclosed in single quotes to handle spaces in the connection name.ipv4.address 192.168.1.50/24
: Sets the IPv4 address of the network interface to192.168.1.50
with a subnet mask of255.255.255.0
(indicated by/24
in CIDR notation).
That's it. A new IP address is assigned. Let us verify it using command:
$ ssh ostechnix@192.168.1.40 "ip addr show ens18"
Replace the username, IP address and the network card name (ens18) with your own. You will see the new IP is assigned.
Sample Output:
2: ens18: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP group default qlen 1000 link/ether 6e:26:0b:8e:33:8c brd ff:ff:ff:ff:ff:ff altname enp0s18 inet 192.168.1.40/24 brd 192.168.1.255 scope global noprefixroute ens18 valid_lft forever preferred_lft forever inet 192.168.1.50/24 brd 192.168.1.255 scope global secondary noprefixroute ens18 valid_lft forever preferred_lft forever inet6 fe80::bfcf:b9d3:60de:af1b/64 scope link noprefixroute valid_lft forever preferred_lft forever
This way you can add multiple IP addresses to remote Linux via SSH using nmcli
command.
As I already told, this method will add an additional IP. The existing old IP address will remain unchanged.
You can also use the -S
option to pass the sudo password. It allows sudo to read the password from the standard input. You can echo the password and pipe it into ssh, but be warned that this method is insecure as the password might be visible in the process list or shell history.
$ echo 'yourpassword' | ssh -t user@ip "sudo -S nmcli con modify YourConnectionName ipv4.address YourIPAddress"
Again I warn you, this method is not secure, as your password can be exposed to other users on your local machine or via network transmission.
A Bash Script to Assign IP Address to a Remote Linux System via SSH using nmcli
We have created a simple Bash script called nmcli_remote_ip_changer to assign a new IP address to remote Linux system using nmcli command via SSH.
This script is quite simple and basically does the following:
- Prompt you for the remote username and IP,
- Establish an SSH connection,
- Fetch and display the network connections on the remote machine,
- Prompt you to choose a connection to modify and ask for the new IP configuration,
- Use
sudo
within the remote session to apply the changes and restart NetworkManager.
It is hosted in Ostechnix GitHub repository. You can download and modify it as per your requirement.
If you want to use this script to add a new IP address to a remote Linux system, follow the steps below:
1. Git clone the script:
$ git clone https://gist.github.com/ostechnix/2c053aba072c3f201f32c22b60cdf9a6 nmcli_remote_ip_changer
This will clone the script in a directory named nmcli_remote_ip_changer
in the current directory.
2. Cd into the directory and make the script executable using commands:
$ cd nmcli_remote_ip_changer/
$ chmod +x nmcli_remote_ip_changer.sh
3. Run the script using command:
$ ./nmcli_remote_ip_changer.sh
You will prompted to enter your remote system's username, current IP address, new IP address, gateway, and DNS etc. After providing all required details, enter the sudo password of your remote Linux system.
Enter the remote username: ostechnix Enter the remote host IP address: 192.168.1.40 Fetching list of network connections from the remote system... ostechnix@192.168.1.40's password: NAME UUID TYPE DEVICE Wired connection 1 60e8eaf3-89f9-3e9f-9919-1944e7abee20 ethernet ens18 Enter the NAME of the connection you want to modify: Wired connection 1 Enter the new IP address (in CIDR format, e.g., 192.168.1.10/24): 192.168.1.50/24 Enter the new Gateway (leave empty if unchanged): 192.168.1.101 Enter the new DNS (leave empty if unchanged, space separated for multiple): 8.8.8.8,8.8.4.4 ostechnix@192.168.1.40's password: Applying the new IP address... [sudo] password for ostechnix: IP address applied successfully. Restarting NetworkManager to apply changes... NetworkManager restarted successfully. Please verify the connectivity to the remote system. Connection to 192.168.1.40 closed.
You can check the new IP address by SSHing into the remote system with it, or run this command from your local system to verify the remote system's IP over SSH:
$ ssh ostechnix@192.168.1.40 'ip addr show ens18'
Heads Up: If you don't want to enter the remote user password, you can configure SSH Key-based authentication.
Conclusion
As you can see, modifying the IP address of a remote Linux system is a straightforward process. The nmcli
command simplifies this task significantly.
Whether you prefer to execute nmcli
commands directly or incorporate them into a script, you can accomplish this task with ease.