[Bug 3333] New: Both Local Port forwarding and Remote port forwarding at openSSH working is not a right case, if SSH Client is on Remote port forwarding

bugzilla-daemon at mindrot.org bugzilla-daemon at mindrot.org
Wed Jul 28 20:44:17 AEST 2021 

https://bugzilla.mindrot.org/show_bug.cgi?id=3333

            Bug ID: 3333
           Summary: Both Local Port forwarding and Remote port forwarding
                    at openSSH working is not a right case, if SSH Client
                    is on Remote port forwarding
           Product: Portable OpenSSH
           Version: 8.2p1
          Hardware: All
                OS: Linux
            Status: NEW
          Severity: security
          Priority: P5
         Component: sshd
          Assignee: unassigned-bugs at mindrot.org
          Reporter: pshimoga at gmail.com

Target solution:
Applications (client and server) to run over SSH port forwarding /
tunnel setup (SSH client  and Server).
----------------------------------------------------------------------
Issue: OpenSSH at server side need to port forward only for Remote port
forwarding requests when the client SSH is on -L mode, but with 8.2p1
build, it does connect apps even on (-L) Local port forward options.
1B. Command: $SSH -R 6900:127.0.0.1:5900 ssh at 127.0.0.1
or
1B. Command: $SSH -L 6900:127.0.0.1:5900 ssh at 127.0.0.1
Comments: both commands are working.
---------------------------------------------------------------------
Question: SSH as server supporting both modes (-L) and (-R) if the SSH
as client is running (-L) option is known behavior? or does it needs a
fix. 
----------------------------------------------------------------------

TestBench:
Remote system connected with home network system via VPN.
======================================================================
Setup details:
1. At linux machine in remote network:
1A. VNC_Server is running at port 5900 and configured to accept
connection strictly for 127.0.0.1 IP only.
Command: $./libVncServer/example/example

1B. openSSH as server in port forwarding mode is supposed to work only
for (-R) Remote port forwarding mode but it works for (-L) Local port
forwarding as well.
Command: $SSH -R 6900:127.0.0.1:5900 ssh at 127.0.0.1

---------------------------------------------------------------------
2. At windows machine in home network:
2A. openSSH as client in set in (-L) mode.
Command: ssh -L 5900:127.0.0.1:6900 <user>@<LinuxMachineIP>

2B. VNC viewer in UI settings configured to connect to 127.0.0.1 at
port 5900.

======================================================================

-- 
You are receiving this mail because:
You are watching the assignee of the bug.

More information about the openssh-bugs mailing list