Re: tunnel between two debian hosts not working



On Tue, 28 Jul 2009 10:42:31 +0300
Kosala Atapattu <kosala.atapattu@xxxxxxxxx> wrote:

On Sat, Jul 25, 2009 at 5:40 PM, Clayton<ckoeni@xxxxxxxxx> wrote:
Hi openssh,

I live in China and have a server in the US. I have been using an
SSH tunnel for web browsing to go around the censorship.

I am able to successfully proxy through an ssh tunnel to a shell
account on a US-based hosting service where I have some websites.
However, my own server does not work. (Even odder, I swear it
worked the first day I tried it, then it stopped working without
any configuration change on either end. I challenged the provider
of my data center, and they said "we are not blocking you".)

In the attached text file is a log of my initial connection, which
ends with

"debug1: Entering interactive session."

then an attempt to browse to a web site which fails with

"channel 1: open failed: administratively prohibited: open failed"

I repeat, the same ssh client works with another server, and even
this failing server worked the first day I tried it.

Any clues to what may be going wrong?

Are you trying to make the tunnel as root?

Yes, root on both ends.

I begin to wonder if there is something I need to turn on in the
firewall on the server end. (I have tried with firewall both on and
off....)

Thanks,
Clayton



Relevant Pages

  • Re: mysql connection through ssl tunnel
    ... I'd like to allow the application server to access mysql ... I've never set up an SSH tunnel. ... And that's through PF firewalls on both machines, which added flavor to the exercise;-) ...
    (freebsd-questions)
  • Re: mysql connection through ssl tunnel
    ... I'd like to allow the application server to access mysql ... I've never set up an SSH tunnel. ... If autossh watches over my ssh tunnel, who or what watches over autossh? ...
    (freebsd-questions)
  • NOQUEUE messages when using SSH tunnel
    ... I have configured an SSH tunnel on a new laptop, ... send mail through my server I get the following familiar message: ... Is this issue with Sendmail or my mail client/tunnel setup? ... -- My client is configured to 'localhost:2500' for outgoing mail. ...
    (comp.mail.sendmail)
  • Re: OT: BBC iPlayer
    ... they can run the proxy for you. ... In summary your task is to set up an SSH tunnel to your server in the UK, there are many resources on the internet which instruct you how to do this; but this is my brief take on it, others may care to "flesh" it out. ... forward an outside port say 5122 to port 22 on your server. ...
    (uk.comp.sys.mac)
  • Re: IPSec VPN into XP Pro
    ... XP can act as an IPSEC server.. ... My Networking Blog: http://www.networkblog.net ... >any firewall/NAT/router at the server end to the private LAN IP of the PPTP VPN server. ... The SSH tunnel is encrypted end-to-end and is very easy to setup and use, ...
    (microsoft.public.windowsxp.work_remotely)