SSH Port Forwarding Question

From: Troy McClure (
Date: 07/27/04

  • Next message: Eugene Mayevski: "Re: sftp"
    Date: 27 Jul 2004 13:59:27 -0700

    I am having a problem using OpenSSH_3.8.1p1 Debian 1:3.8.1p1-4,
    OpenSSL 0.9.7d on the client and OpenSSH_3.7p1 for Solaris 7 on the

    I have port forwarded the default Oracle port from my local machine
    through a bastion host to my Oracle machine like so:

    ssh -L 1521:oracle_box:1521 username@bastion

    And all works fine at first. I am doing some load testing on an
    application and am trying to see how many instances I can run at one
    time. Each instance of the application initiates its own connection
    to the Oracle database through the SSH tunnel. This works great until
    I get to 25 hosts and then I start seeing this error on the console of
    the bastion host where I have ssh'd to:

    channel 53: open failed: administratively prohibited: open failed

    It appears there is some sort of hard limit that I have reached and I
    am wondering if this is something I can change on the client side, the
    server side, or whether it is hardcoded into either the server or
    client and I'm out of luck. I do not have the luxury of simply
    selecting another local port to forward because of the way the
    application is configured so I'd really like to be able to get at
    least 100 connections through per tunnel. I have tried this on 3
    different Linux boxes, all with the same result.

  • Next message: Eugene Mayevski: "Re: sftp"

    Relevant Pages

    • Re: Unable to print to networked printer - get access denied messa
      ... Check the permissions on the server assuming the client has a true RPC ... How is the Standard TCP/IP port configured for the device? ...
    • Re: interfaces lo:1 lo:2 lo:3? (for remote ssh tunnels)
      ... That's the problem tunneling (port forwarding) solves. ... >>can't get past the client firewall. ... > I don't understand why the server would be making the ... server initiates another connection to the client -- in this ...
    • Re: Remote Connection Issue
      ... through port number 3389 and a workstation on the LAN through port number ... I understand that you want to allow a LAN client ... and you have configured server publishing rule ... > By default Terminal Server and Windows 2000 Terminal Services uses TCP ...
    • Re: RealVNC
      ... Default listening port for RealVNC server that runs on the machine on which ... Then there is default Java listening port on port 5800 on the client machine ...
    • Re: Redirecting data sent to a local printer to another host and port on the network
      ... All client workstations have access to the ... simply redirecting netcat traffic on port 9100 to port 515 on ... Only LPR clients talk to LPD print server daemons. ... >workstation at the branch site where the print job originated. ...