Re: ssh double tunnel problem
From: Darren Tucker (dtucker_at_dodgy.net.au)
Date: Thu, 22 Apr 2004 05:01:16 +0000 (UTC)
In article <firstname.lastname@example.org>,
IloChab <IloChab@yahoo.it> wrote:
>Il Sun, 18 Apr 2004 00:08:03 +0000, Darren Tucker ha scritto:
>> In article <email@example.com>,
>> IloChab <IloChab@yahoo.it> wrote:
>>>-L 10000:PC2:10000 from PC1 to PC2
>>>-R 10000:PC2:10000 from PC3 to PC2
>> The problem is most likely that the first one is forwarding the port from
>> PC1 to PC2's IP address, not localhost, and by default most SSH servers
>> (you should mention what software you're using, BTW) will only listen
>> on the loopback interface for remote forwards. What you probably want
>> to do is:
>> PC1$ ssh -L 10000:127.0.0.1:10000 PC2
>> PC3$ ssh -R 10000:PC3:10000 PC2
>> PC1$ ssh -p 10000 -o HostKeyAlias=PC3 localhost
>I do not understand you:
>- 127.0.0.1 of the first command results to be localhost on PC2 or on
The first command is local forwarding, so for example
"PC1$ ssh -L 1234:127.0.0.1:5678 PC2"
would cause PC1 to listen on port 1234 on its loopback interface. Once
a connection is received on port 1234, a channel request is sent over
the SSH connection to PC2, which will then connect to "127.0.0.1" on port
5678 (ie PC2's loopback interface).
>- what is supposed to do the third command???
You said that you wanted to connect to PC3 via PC2, I assumed that you
meant "connect with ssh", but if that's not the case just ignore it.
>- Anyway I followed your suggestion (evenif I don't undrestand it
>completely) but on the third command I get:
>channel 2: open failed: connect failed: Connection refused from PC2 on the
>shell of the first command,
Does the server PC2 allow forwardings? Check AllowTcpForwarding
>I think the problem is to use a "-L" + a "-R" together.
>Don't you think so??
-- Darren Tucker (dtucker at zip.com.au) GPG key 8FF4FA69 / D9A3 86E9 7EEE AF4B B2D4 37C9 C982 80C7 8FF4 FA69 Good judgement comes with experience. Unfortunately, the experience usually comes from bad judgement.