[
https://issues.apache.org/jira/browse/SSHD-792?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16567350#comment-16567350
]
Ying Li commented on SSHD-792:
------------------------------
You should be able to reproduce the problem fairly easily by
# starting mina sshd, let's say it is listening on port 2222, and
acceptAllPubKey, acceptAllForwardingFilter
# start remote port forwarding:
{code}
> ssh -R 0.0.0.0:0:localhost:8080 -i ~/.ssh/id_rsa test@localhost -N -vvv -p
> 2222
...
Allocated port 37545 for remote forward to localhost:8080
{code}
# start using the allocated port
{code}
> curl http://localhost:37545
{code}
And we can see in the port forwarding session, openssh is printing those:
{code}
debug1: client_input_channel_open: ctype forwarded-tcpip rchan 0 win 2097152
max 32768
debug1: client_request_forwarded_tcpip: listen 127.0.0.1 port 37545, originator
127.0.0.1 port 46870
WARNING: Server requests forwarding for unknown listen_port 37545
debug1: failure forwarded-tcpip
channel_by_id: -1: bad id
Disconnecting: Received oclose for nonexistent channel -1.
{code}
The reason causing the failure is openssh is not expecting 127.0.0.1:37545, but
0.0.0.0:37545. You can repeat the experiment with openssh sshd.
> Remote Port-Forwarding uses invalid "original host" values
> ----------------------------------------------------------
>
> Key: SSHD-792
> URL: https://issues.apache.org/jira/browse/SSHD-792
> Project: MINA SSHD
> Issue Type: Bug
> Affects Versions: 1.6.0
> Environment: Java 8
> OSX
> Reporter: Andreas Haufler
> Assignee: Goldstein Lyor
> Priority: Major
> Labels: needs-test
> Attachments: Forwarder.java
>
>
> When starting a server which accepts all kinds of port forwarding:
> sshd.setTcpipForwardingFilter(new StaticDecisionForwardingFilter(true));
> remote port-forwarding doesn't work (at least when connecting from OSX)
> unless a specific address is given:
> ssh localhost -p 2222 -R10001:localhost:80 <- doesn't work
> ssh localhost -p 2222 -R127.0.0.1:10001:localhost:80 <- does work
> As far as I can tell, TcpipClientChannel.java:98 uses the underlying
> socket-address
> of the effective connection and transmit the host (which is either 127.0.0.1
> or ::1) on OSX.
> However, the client (ssh) would want to see "localhost" as original host in
> order to permit tunneling.
> Is there anything I am missing? Otherwise I could provide a PR which fixes
> this (by remembering the originally requested host and reporting that back).
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
