Remote SSH tunneling problem through multiple firewalls
From: Thomas Knox (tknox_at_mac.com)
Date: 03/28/05
Date: Mon, 28 Mar 2005 14:18:21 -0500
Hello,
I have a box A running OpenSSH 3.9p1 (OpenSSL 0.9.7d) on Linux.
I have a remote box B running OpenSSH_3.6.1p1+CAN-2004-0175 (OpenSSL
0.9.7b) on Mac OS X.
The network topology is:
Box A -> Firewall/NAT -> Internet -> Firewall/NAT -> Box B.
An SSH connection can be made from Box A to Box B. An SSH connection
*cannot* be made from box B to box A (no incoming connections allowed
through the firewall in front of box A).
If I start sshd on box A with "sshd -edddp 2222", and then connect to
box B from box A with the command "ssh -2R2222:boxB:2222 user@boxB
-Nvvv" I connect with the messages:
....
debug1: Authentication succeeded (publickey).
debug1: Connections to remote port 2222 forwarded to local address boxB:2222
debug1: Entering interactive session.
debug1: remote forward success for: listen 2222, connect boxB:2222
Logging in to box B and trying to connect to box A with the command
"ssh -vvv2p 2222 user@localhost", I get the following output on box B:
OpenSSH_3.6.1p1+CAN-2004-0175, SSH protocols 1.5/2.0, OpenSSL 0x0090702f
debug1: Reading configuration data /etc/ssh_config
debug1: Rhosts Authentication disabled, originating port will not be
trusted.
debug2: ssh_connect: needpriv 0
debug1: Connecting to localhost [127.0.0.1] port 2222.
debug1: Connection established.
... (90 second delay)
ssh_exchange_identification: Connection closed by remote host
debug1: Calling cleanup 0x1c540(0x0)
Watching box A I see:
debug1: remote forward success for: listen 2222, connect boxB:2222
debug1: client_input_channel_open: ctype forwarded-tcpip rchan 1 win
131072 max 32768
debug1: client_request_forwarded_tcpip: listen 0.0.0.0 port 2222,
originator 127.0.0.1 port 61018
debug2: fd 4 setting O_NONBLOCK
debug2: fd 4 setting TCP_NODELAY
debug3: fd 4 is O_NONBLOCK
debug3: fd 4 is O_NONBLOCK
debug1: channel 0: new [127.0.0.1]
debug1: confirm forwarded-tcpip
debug3: channel 0: waiting for connection
debug3: channel 0: waiting for connection
debug3: channel 0: waiting for connection
debug3: channel 0: waiting for connection
debug3: channel 0: waiting for connection
debug3: channel 0: waiting for connection
debug3: channel 0: waiting for connection
debug3: channel 0: waiting for connection
debug3: channel 0: waiting for connection
debug3: channel 0: waiting for connection
debug1: channel 0: not connected: Connection timed out
debug2: channel 0: zombie
debug2: channel 0: garbage collecting
debug1: channel 0: free: 127.0.0.1, nchannels 1
debug3: channel 0: status: The following connections are open:
debug3: channel 0: close_fds r 4 w 4 e -1 c -1
This seems to be a fairly straightforward thing to do, and I'm puzzled
why it is not working. Any troubleshooting assistance would be welcomed!
Thanks!
Tom
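
An added example, not part of the original post or of OpenSSH: a small triage of `ssh -v` client output for a `-R` forward, showing which side listens and which side opens the TCP connection. With `-R listen_port:host:hostport` the SSH server listens on listen_port and the SSH client connects to host:hostport. The function names `sample_log` and `triage_forward` are hypothetical, and the sample lines are constructed from the debug output quoted in the post.

```sh
#!/bin/sh
# Added example: triage of `ssh -v` client output for a -R (remote) forward.
# For -R listen_port:host:hostport the SSH *server* listens on listen_port and
# the SSH *client* opens the TCP connection to host:hostport.

# Constructed sample, built from the debug lines quoted in the post.
sample_log() {
cat <<'EOF'
debug1: remote forward success for: listen 2222, connect boxB:2222
debug1: client_request_forwarded_tcpip: listen 0.0.0.0 port 2222, originator 127.0.0.1 port 61018
debug1: channel 0: new [127.0.0.1]
debug3: channel 0: waiting for connection
debug1: channel 0: not connected: Connection timed out
EOF
}

# triage_forward (hypothetical name): read client debug output on stdin and
# print one line per finding. Assumes a host:port target (no IPv6 literal).
triage_forward() {
  awk '
    /remote forward success for: listen/ {
      # Fields look like: ... listen <port>, connect <host>:<port>
      for (i = 1; i <= NF; i++) {
        if ($i == "listen")  { lport = $(i+1); sub(/,$/, "", lport) }
        if ($i == "connect") { target = $(i+1) }
      }
      print "FORWARD server_listen=" lport " client_dials=" target
    }
    /channel [0-9]+: not connected:/ {
      # The client side failed to reach the forward target.
      reason = $0; sub(/.*not connected: /, "", reason)
      print "FAIL client_dials=" target " reason=\"" reason "\""
      failed = 1
    }
    END {
      if (failed) {
        split(target, t, ":")
        if (t[1] != "localhost" && t[1] != "127.0.0.1")
          print "HINT target host \"" t[1] "\" is resolved and dialed from the ssh client side, not the server side"
      }
    }'
}

sample_log | triage_forward
```

Feed it real output with `ssh -v ... 2>&1 | triage_forward`; a target of `localhost` in the forward spec refers to the machine running the ssh client.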