[Bug 2649] New: Problem with reverse tunnel between SSH client 5.5p1 and SSH server > 6.4p1

bugzilla-daemon at bugzilla.mindrot.org bugzilla-daemon at bugzilla.mindrot.org
Fri Dec 23 00:31:49 AEDT 2016


https://bugzilla.mindrot.org/show_bug.cgi?id=2649

            Bug ID: 2649
           Summary: Problem with reverse tunnel between SSH client 5.5p1
                    and SSH server > 6.4p1
           Product: Portable OpenSSH
           Version: 6.7p1
          Hardware: amd64
                OS: Linux
            Status: NEW
          Severity: normal
          Priority: P5
         Component: sshd
          Assignee: unassigned-bugs at mindrot.org
          Reporter: debacle at debian.org

I suffer from some change between OpenSSH 6.4 and 6.5, probably
https://bugzilla.mindrot.org/attachment.cgi?id=2344 (fix for bug
https://bugzilla.mindrot.org/show_bug.cgi?id=2147).

I have an OpenSSH client 1:5.5p1-6+squeeze3 on Debian 6 (Squeeze)
building a reverse tunnel with dynamic port to a Jessie server:

$ /usr/bin/ssh -t -t -R *:0:localhost:443 user at server somecommand

If the server runs OpenSSH up to version 6.4p1-2 ("forwardports" from
snaphot.d.o), everything is fine. With any OpenSSH server from 6.5p1-6
to 7.3p1-3, the tunnel gets established, but no data can be
transmitted over it. On any activity, the client side shows:

WARNING: Server requests forwarding for unknown listen_port 54321
debug1: failure forwarded-tcpip

When the client specifies the port (= no dynamic port):

$ /usr/bin/ssh -t -t -R *:54321:localhost:443 user at server somecommand

everything works fine, independent of the OpenSSH server version.

Reverting part of the change above solves the problem:

--- openssh-7.3p1.orig/channels.c
+++ openssh-7.3p1/channels.c
@@ -1458,7 +1458,7 @@ port_open_helper(Channel *c, char *rtype
                 } else {
                         /* listen address, port */
                         packet_put_cstring(c->path);
-                        packet_put_int(local_port);
+                        packet_put_int(c->listening_port);
                 }
                 if (strcmp(rtype,  
"forwarded-streamlocal at openssh.com") == 0) {
                         /* reserved for future owner/mode info */

This is also Debian bug #846379 (https://bugs.debian.org/846379)

-- 
You are receiving this mail because:
You are watching the assignee of the bug.


More information about the openssh-bugs mailing list