Allow remote hosts for remote forwarded ports

Jim Knoble jmknoble at pobox.com
Wed Mar 2 07:42:38 EST 2005


Circa 2005-03-01 19:45:35 +0100 dixit Rene Rebe:

: ssh me at some-host.tld -R 8080:localhost:80

Is 'localhost' really what you want there?  That forwards port 8080 on
some-host to port 80 on the same machine.

: However I had to notice that this only binds to the loopback interface 
: and not to all. For -L there is the -g option to low connects to locally 
: forwarded ports for remote hosts. As far as I can see there is no 
: equivalent for remotely forwarded ports.
: 
: Is there any reason this is not implemented?

It's implemented in sshd; you need to have 'GatewayPorts' set to 'yes'
in sshd_config on the remote end.

Alternatively:

    ssh me at some-host.tld 'ssh -N -g -L 8080:this-host:80 me at this-host'

Or, if you really do mean localhost above, then:

    ssh me at some-host.tld 'ssh -N -g -L 8080:localhost:80 me at localhost'

Strikes me you'd be better off with something else (such as an actual
redirect in the remote host's firewall, or even two netcat connected
by pipes....

-- 
jim knoble  |  jmknoble at pobox.com  |  http://www.pobox.com/~jmknoble/
(GnuPG fingerprint: 31C4:8AAC:F24E:A70C:4000::BBF4:289F:EAA8:1381:1491)
 .....................................................................
 :"The methods now being used to merchandise the political candidate :
 : as though he were a deodorant positively guarantee the electorate :
 : against ever hearing the truth about anything."   --Aldous Huxley :
 :...................................................................:




More information about the openssh-unix-dev mailing list