2.9p2: sshd -6, port fwd of ipv4 fails

Pekka Savola pekkas at netcore.fi
Tue Jul 24 06:36:47 EST 2001


Hi,

Running openssh-2.9p2 on Linux.

If server is run with 'sshd -6' (to enable ipv6 easily on server end), i.e.
all IPv4 are represented as mapped addresses, port forwarding will not
work; just running plain ol' IPv4 fixes this of course.

The server error, when forwarding from the client '143:localhost:143' and
connecting to localhost 143 is:

debug1: server_input_channel_open: ctype direct-tcpip rchan 1 win 20480 max 2048
debug1: server_request_direct_tcpip: originator 127.0.0.1 port 1340, target 127.0.0.1 port 143
connect_to 127.0.0.1: unknown host (Address family for hostname not supported)
debug1: server_input_channel_open: failure direct-tcpip

The problem is that the connecting clients might not know a thing about
IPv6, so it wouldn't even be possible to forward something like
'143/::127.0.0.1/143', I suspect.

So it might appear sshd -6 is not entirely "safe" if you want to forward
ports w/ ipv4?

I wonder if this would work properly on systems that do double bind, i.e.
separate ipv4 and ipv6 socket.  At least 2.5.2pX on FreeBSD appeared to
have some problems, but didn't go too much into detail there.

-- 
Pekka Savola                 "Tell me of difficulties surmounted,
Netcore Oy                   not those you stumble over and fall"
Systems. Networks. Security.  -- Robert Jordan: A Crown of Swords
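
Added example, not part of the original message and not OpenSSH code: a minimal reproduction of the lookup failure shown in the debug output, assuming the server resolves the forwarding target with getaddrinfo() restricted to AF_INET6 when started with -6. resolve_target is a hypothetical helper; it compares that lookup with the same call using AI_V4MAPPED or AF_UNSPEC hints.

```c
#define _GNU_SOURCE            /* expose getaddrinfo() flags under strict -std modes */
#include <stdio.h>
#include <string.h>
#include <sys/types.h>
#include <sys/socket.h>
#include <netdb.h>

/* Hypothetical helper: resolve a numeric forwarding target with the given
 * address-family hint and flags. On success the textual form of the first
 * result is written to out. Returns the getaddrinfo()/getnameinfo() code
 * (0 means success). */
int resolve_target(const char *host, const char *port, int family, int flags,
                   char *out, size_t outlen)
{
    struct addrinfo hints, *res = NULL;
    int rc;

    memset(&hints, 0, sizeof(hints));
    hints.ai_family = family;
    hints.ai_socktype = SOCK_STREAM;
    hints.ai_flags = flags | AI_NUMERICHOST;   /* literal only, no DNS needed */

    rc = getaddrinfo(host, port, &hints, &res);
    if (rc != 0)
        return rc;                             /* e.g. address family not supported */
    rc = getnameinfo(res->ai_addr, res->ai_addrlen, out, (socklen_t)outlen,
                     NULL, 0, NI_NUMERICHOST);
    freeaddrinfo(res);
    return rc;
}

int main(void)
{
    /* Constructed sample: the target taken from the debug output above. */
    const char *host = "127.0.0.1", *port = "143";
    struct { const char *label; int family, flags; } cases[] = {
        { "AF_INET6 only (assumed -6 behaviour)", AF_INET6,  0 },
        { "AF_INET6 + AI_V4MAPPED",               AF_INET6,  AI_V4MAPPED },
        { "AF_UNSPEC",                            AF_UNSPEC, 0 },
    };
    char buf[64];

    for (size_t i = 0; i < sizeof(cases) / sizeof(cases[0]); i++) {
        int rc = resolve_target(host, port, cases[i].family, cases[i].flags,
                                buf, sizeof(buf));
        printf("%-38s -> %s\n", cases[i].label, rc ? gai_strerror(rc) : buf);
    }
    return 0;
}
```

Only the first case fails; the mapped result can be connected to over a dual-stack AF_INET6 socket only where the system accepts IPv4-mapped addresses on such sockets.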



