[jira] [Commented] (SSHD-792) Remote Port-Forwarding uses invalid "original host" values

Sun, 07 Jan 2018 09:13:14 -0800 

    [ 
https://issues.apache.org/jira/browse/SSHD-792?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16315385#comment-16315385
 ] 

Andreas Haufler commented on SSHD-792:
--------------------------------------

localhost is 127.0.0.1 (PING localhost (127.0.0.1): 56 data bytes...)

ssh -V
OpenSSH_7.6p1, LibreSSL 2.6.2

Same also happens in my linux environment:
*ssh -V*
OpenSSH_7.2p2 Ubuntu-4ubuntu2.2, OpenSSL 1.0.2g  1 Mar 2016

*System:*
Distributor ID: Ubuntu
Description:    Ubuntu 16.04.3 LTS
Release:        16.04
Codename:       xenial

ssh locally always shows this warning:
WARNING: Server requests forwarding for unknown listen_port 10023

The difference between MINA sshd and OpenSSH is in the incoming 
"forwarded-tcpip" call:

using ssh -vvv MINA sends:
*debug1: client_request_forwarded_tcpip: listen {color:red}127.0.0.1{color} 
port 10001, originator 127.0.0.1 port 57474
WARNING: Server requests forwarding for unknown listen_port 10001*

OpenSSH sends:
*debug1: client_request_forwarded_tcpip: listen {color:red}localhost{color} 
port 10001, originator 127.0.0.1 port 43308*


...not planning to do any nasty IPv6 stuff ;-) 

> Remote Port-Forwarding uses invalid "original host" values
> ----------------------------------------------------------
>
>                 Key: SSHD-792
>                 URL: https://issues.apache.org/jira/browse/SSHD-792
>             Project: MINA SSHD
>          Issue Type: Bug
>    Affects Versions: 1.6.0
>         Environment: Java 8
> OSX
>            Reporter: Andreas Haufler
>
> When starting a server which accepts all kinds of port forwarding:
> sshd.setTcpipForwardingFilter(new StaticDecisionForwardingFilter(true));
> remote port-forwarding doesn't work (at least when connecting from OSX) 
> unless a specific address is given:
> ssh localhost -p 2222 -R10001:localhost:80 <- doesn't work
> ssh localhost -p 2222 -R127.0.0.1:10001:localhost:80 <- does work
> As far as I can tell, TcpipClientChannel.java:98 uses the underlying 
> socket-address
> of the effective connection and transmit the host (which is either 127.0.0.1 
> or ::1) on OSX.
> However, the client (ssh) would want to see "localhost" as original host in 
> order to permit tunneling.
> Is there anything I am missing? Otherwise I could provide a PR which fixes 
> this (by remembering the originally requested host and reporting that back).



--
This message was sent by Atlassian JIRA
(v6.4.14#64029)

Reply via email to