You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@mina.apache.org by "Goldstein Lyor (JIRA)" <ji...@apache.org> on 2018/02/26 10:35:00 UTC
[jira] [Comment Edited] (SSHD-792) Remote Port-Forwarding uses
invalid "original host" values
[ https://issues.apache.org/jira/browse/SSHD-792?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16376628#comment-16376628 ]
Goldstein Lyor edited comment on SSHD-792 at 2/26/18 10:34 AM:
---------------------------------------------------------------
See [SSH port forwarding example|https://www.ssh.com/ssh/tunneling/example] for better explanation of various parameters on {{ssh -L or -R}} client command. Accordingly:
{quote}
ssh localhost p 2222 -R10001:localhost:80 < doesn't work
{quote}
This should cause the SSH server to open a listen connection on 10001 from *any* host and then forward any incoming data to the client's host and from there route it to {{localhost:80}}. The current code implementation does that but routes the connection to {{127.0.0.1:80}}. Which makes me wonder about
{quote}
However, the client (ssh) would want to see "localhost" as original host in order to permit tunneling.
{quote}
Why is that ? Is port 80 somehow bound to some other IP other than {{127.0.0.1}} ? Which brings me to some other question:
{quote}
ssh localhost p 2222 -R127.0.0.1:10001:localhost:80 < does work
{quote}
The only difference between this and the previous tunnel is that the client is instructing the server to listen only on {{127.0.0.1:10001}} rather than *any* other incoming interface - but it will still route the connection to {{127.0.0.1:80}}. It is therefore not clear why this works and the former doesn't.
Still looking at it - may take a while...
was (Author: lgoldstein):
See [SSH port forwarding example|https://www.ssh.com/ssh/tunneling/example] for better explanation of various parameters on {{ssh -L or -R}} client command
> Remote Port-Forwarding uses invalid "original host" values
> ----------------------------------------------------------
>
> Key: SSHD-792
> URL: https://issues.apache.org/jira/browse/SSHD-792
> Project: MINA SSHD
> Issue Type: Bug
> Affects Versions: 1.6.0
> Environment: Java 8
> OSX
> Reporter: Andreas Haufler
> Assignee: Goldstein Lyor
> Priority: Major
> Attachments: Forwarder.java
>
>
> When starting a server which accepts all kinds of port forwarding:
> sshd.setTcpipForwardingFilter(new StaticDecisionForwardingFilter(true));
> remote port-forwarding doesn't work (at least when connecting from OSX) unless a specific address is given:
> ssh localhost -p 2222 -R10001:localhost:80 <- doesn't work
> ssh localhost -p 2222 -R127.0.0.1:10001:localhost:80 <- does work
> As far as I can tell, TcpipClientChannel.java:98 uses the underlying socket-address
> of the effective connection and transmit the host (which is either 127.0.0.1 or ::1) on OSX.
> However, the client (ssh) would want to see "localhost" as original host in order to permit tunneling.
> Is there anything I am missing? Otherwise I could provide a PR which fixes this (by remembering the originally requested host and reporting that back).
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)