ssh tunneling to a windows box problem



Hi guys,

I'm trying to tunnel from my FC4 box (OpenSSH_4.0p1) through a firewall box (RH9, sshd: SSH Secure Shell 3.2.0 (non-commercial version), TCP forwarding is on) to a Windows 2000 server machine (on which I have deactivated the firewall and set VNC to allow incoming connections from the firewall box) so I can connect securely with VNC. Something is going wrong though. I make the tunnel like this:

ssh -vv -L 5901:192.168.1.112:5900 root@firewall

This is the verbose output:

...
debug2: we sent a password packet, wait for reply
debug1: Authentication succeeded (password).
debug1: Local connections to LOCALHOST:5901 forwarded to remote address 192.168.1.112:5900
debug1: Local forwarding listening on 127.0.0.1 port 5901.
debug2: fd 4 setting O_NONBLOCK
debug1: channel 0: new [port listener]
debug1: Local forwarding listening on ::1 port 5901.
debug2: fd 5 setting O_NONBLOCK
debug1: channel 1: new [port listener]
debug1: channel 2: new [client-session]
debug2: channel 2: send open
debug1: Entering interactive session.
debug2: callback start
debug2: client_session2_setup: id 2
debug2: channel 2: request pty-req confirm 0
debug2: channel 2: request shell confirm 0
debug2: fd 3 setting TCP_NODELAY
debug2: callback done
debug2: channel 2: open confirm rwindow 100000 rmax 16384
...


ok now the tunnel is connected.. I do a vncviewer localhost::5901

...
debug1: Connection to port 5901 forwarding to 192.168.1.112 port 5900 requested.
debug2: fd 9 setting TCP_NODELAY
debug2: fd 9 setting O_NONBLOCK
debug1: channel 3: new [direct-tcpip]
debug1: channel 0: free: port listener, nchannels 4
debug1: channel 1: free: port listener, nchannels 3
debug1: channel 2: free: client-session, nchannels 2
debug1: channel 3: free: direct-tcpip: listening port 5901 for 192.168.1.112 port 5900, connect from 127.0.0.1 port 41657, nchannels 1
Connection to 192.168.1.118 closed by remote host.
Connection to 192.168.1.118 closed.
debug1: Transferred: stdin 0, stdout 0, stderr 89 bytes in 86.8 seconds
debug1: Bytes per second: stdin 0.0, stdout 0.0, stderr 1.0
debug1: Exit status -1
...


And that's where it ends (and the connection to the firewall gets severed as well). Anybody got any ideas?

Cheers,
Tim

p.s. I can VNC into the machine normally from the one I'm trying to do this from (both are on the same side of the firewall at the moment but if I get it working I'll be coming in from the other side)



Relevant Pages

  • help with local forward of HTTP traffic
    ... to a machine behind the firewall. ... I can then ssh "directly" to office's sshd ... debug1: ssh-userauth2 successful: method publickey ... Local forwarding listening on 127.0.0.1 port 9999. ...
    (comp.security.ssh)
  • help with local forward of HTTP traffic
    ... to a machine behind the firewall. ... I can then ssh "directly" to office's sshd ... debug1: ssh-userauth2 successful: method publickey ... Local forwarding listening on 127.0.0.1 port 9999. ...
    (comp.security.ssh)
  • Problem with some user autentification error on sshd
    ... debug1: Reading configuration data /etc/ssh/ssh_config ... debug2: kex_parse_kexinit: none,zlib ... debug3: check_host_in_hostfile: match line 3 ... debug1: Next authentication method: keyboard-interactive ...
    (SSH)
  • Re: Problem: passwordless SSH-login with Kerberos doesnt work
    ... I can do Kerberos password authentication now and that's already a huge step forward, but single signon is what I want. ... debug1: sshd version OpenSSH_5.1p1 Debian-5 ... debug2: fd 3 setting O_NONBLOCK ... debug3: ...
    (comp.protocols.kerberos)
  • Re: Problem: passwordless SSH-login with Kerberos doesnt work
    ... I installed 2 testmachines, configured MIT Kerberos, OpenLDAP and PAM and got to the point where we all can login on to the SSH server using our Active Directory credentials. ... debug1: Connection established. ... debug2: fd 3 setting O_NONBLOCK ... debug1: Offering GSSAPI proposal: ...
    (comp.protocols.kerberos)