Allow remote hosts for remote forwarded ports

Darren Tucker dtucker at zip.com.au
Wed Mar 2 08:17:40 EST 2005


Jim Knoble wrote:
> Circa 2005-03-01 19:45:35 +0100 dixit Rene Rebe:
> 
> : ssh me at some-host.tld -R 8080:localhost:80
> 
> Is 'localhost' really what you want there?  That forwards port 8080 on
> some-host to port 80 on the same machine.

No, it forwards port 8080 on some-host to port 80 on the machine running 
the ssh client.

> : However I had to notice that this only binds to the loopback interface 
> : and not to all. For -L there is the -g option to low connects to locally 
> : forwarded ports for remote hosts. As far as I can see there is no 
> : equivalent for remotely forwarded ports.
> : 
> : Is there any reason this is not implemented?
> 
> It's implemented in sshd; you need to have 'GatewayPorts' set to 'yes'
> in sshd_config on the remote end.

Also note that recently (ie yesterday) support was added for fine-grained 
control of which address to bind to for remote SSH2 requests.  See:
http://bugzilla.mindrot.org/show_bug.cgi?id=413

-- 
Darren Tucker (dtucker at zip.com.au)
GPG key 8FF4FA69 / D9A3 86E9 7EEE AF4B B2D4  37C9 C982 80C7 8FF4 FA69
     Good judgement comes with experience. Unfortunately, the experience
usually comes from bad judgement.




More information about the openssh-unix-dev mailing list