Re: port forwarding

From: Richard E. Silverman (res_at_qoxp.net)
Date: 04/22/04


Date: 21 Apr 2004 21:59:43 -0400


>>>>> "Bob" == Bob <bob.lockie.NOSPAM@mail.com> writes:

    Bob> Why does 'ssh -N -l root -L 110:192.168.1.110:110 root@gw' work
    Bob> but 'ssh -N -l root -L 110:gw:110 root@gw' gives an: channel 2:
    Bob> open failed: administratively prohibited: open failed error?

This indicates that the SSH server declined the direct-tcpip channel the
client requested in response to the connection to the locally forwarded
port. Since a forwarding with a different destination does work, they
must be filtered on the server. You don't say what the SSH server
software is. If it's OpenSSH, this means you must be using publickey
authentication and there's a permitopen restriction on the key.

-- 
  Richard Silverman
  res@qoxp.net