[
https://issues.apache.org/jira/browse/SSHD-792?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16376628#comment-16376628
]
Goldstein Lyor edited comment on SSHD-792 at 2/26/18 10:34 AM:
---------------------------------------------------------------
See [SSH port forwarding example|https://www.ssh.com/ssh/tunneling/example] for
better explanation of various parameters on {{ssh -L or -R}} client command.
Accordingly:
{quote}
ssh localhost p 2222 -R10001:localhost:80 < doesn't work
{quote}
This should cause the SSH server to open a listen connection on 10001 from
*any* host and then forward any incoming data to the client's host and from
there route it to {{localhost:80}}. The current code implementation does that
but routes the connection to {{127.0.0.1:80}}. Which makes me wonder about
{quote}
However, the client (ssh) would want to see "localhost" as original host in
order to permit tunneling.
{quote}
Why is that ? Is port 80 somehow bound to some other IP other than
{{127.0.0.1}} ? Which brings me to some other question:
{quote}
ssh localhost p 2222 -R127.0.0.1:10001:localhost:80 < does work
{quote}
The only difference between this and the previous tunnel is that the client is
instructing the server to listen only on {{127.0.0.1:10001}} rather than *any*
other incoming interface - but it will still route the connection to
{{127.0.0.1:80}}. It is therefore not clear why this works and the former
doesn't.
Still looking at it - may take a while...
was (Author: lgoldstein):
See [SSH port forwarding example|https://www.ssh.com/ssh/tunneling/example] for
better explanation of various parameters on {{ssh -L or -R}} client command
> Remote Port-Forwarding uses invalid "original host" values
> ----------------------------------------------------------
>
> Key: SSHD-792
> URL: https://issues.apache.org/jira/browse/SSHD-792
> Project: MINA SSHD
> Issue Type: Bug
> Affects Versions: 1.6.0
> Environment: Java 8
> OSX
> Reporter: Andreas Haufler
> Assignee: Goldstein Lyor
> Priority: Major
> Attachments: Forwarder.java
>
>
> When starting a server which accepts all kinds of port forwarding:
> sshd.setTcpipForwardingFilter(new StaticDecisionForwardingFilter(true));
> remote port-forwarding doesn't work (at least when connecting from OSX)
> unless a specific address is given:
> ssh localhost -p 2222 -R10001:localhost:80 <- doesn't work
> ssh localhost -p 2222 -R127.0.0.1:10001:localhost:80 <- does work
> As far as I can tell, TcpipClientChannel.java:98 uses the underlying
> socket-address
> of the effective connection and transmit the host (which is either 127.0.0.1
> or ::1) on OSX.
> However, the client (ssh) would want to see "localhost" as original host in
> order to permit tunneling.
> Is there anything I am missing? Otherwise I could provide a PR which fixes
> this (by remembering the originally requested host and reporting that back).
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
