Issue with OpenSSH remote forwarding of dynamic ports
Ángel González
keisial at gmail.com
Fri Aug 16 10:14:52 EST 2013
On 08/08/13 06:22, Ron Frederick wrote:
> When a connection comes to a port for which remote forwarding has
> been requested, a channel is opened to forward the port to the other
> side.
>
>     byte      SSH_MSG_CHANNEL_OPEN
>     string    "forwarded-tcpip"
>     uint32    sender channel
>     uint32    initial window size
>     uint32    maximum packet size
>     string    address that was connected
>     uint32    port that was connected
>     string    originator IP address
>     uint32    originator port
>
> I was expecting "port that was connected" in this message to be the dynamically allocated port so that it would always be a unique value, but this is not the case (at least with OpenSSH's sshd). Instead, it always seems to be the "port number to bind" value passed in the original SSH_MSG_GLOBAL_REQUEST "tcpip-forward" message (which is 0 since we're asking for a dynamic port).
>
> Unfortunately, I would imagine changing this behavior on the server side might break existing clients out there which are expecting to get this 0 value back in channel open requests when they set up a dynamic listener, and I don't really see a good way to resolve this. Does anyone have any suggestions?
It could pass 0 for the first forward and the real port in the next ones
(which are already open), but IMHO the right thing would be to always
provide the real port.
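
An added illustration (not part of the original thread, and not OpenSSH code) of why a 0 in "port that was connected" matters to a client: it decodes the message layout quoted above and shows that two dynamic forwards on the same address cannot be told apart when the server echoes the requested port. The listener table, names, addresses and port numbers are constructed; message number 90 is from RFC 4254.

```python
import struct

SSH_MSG_CHANNEL_OPEN = 90  # message number from RFC 4254

def _u32(buf, off):
    return struct.unpack_from(">I", buf, off)[0], off + 4

def _string(buf, off):
    n, off = _u32(buf, off)
    if off + n > len(buf):
        raise ValueError("truncated string field")
    return buf[off:off + n], off + n

def parse_forwarded_tcpip(payload):
    """Decode the fields of a "forwarded-tcpip" channel open, in wire order."""
    if payload[:1] != bytes([SSH_MSG_CHANNEL_OPEN]):
        raise ValueError("not SSH_MSG_CHANNEL_OPEN")
    ctype, off = _string(payload, 1)
    if ctype != b"forwarded-tcpip":
        raise ValueError("unexpected channel type")
    out = {}
    for name, reader in (("sender_channel", _u32), ("window", _u32),
                         ("max_packet", _u32), ("address", _string),
                         ("port", _u32), ("orig_address", _string),
                         ("orig_port", _u32)):
        out[name], off = reader(payload, off)
    return out

def build_forwarded_tcpip(sender, addr, port, orig_addr, orig_port):
    """Encode a constructed sample message (window/packet sizes are arbitrary)."""
    s = lambda b: struct.pack(">I", len(b)) + b
    return (bytes([SSH_MSG_CHANNEL_OPEN]) + s(b"forwarded-tcpip")
            + struct.pack(">III", sender, 2097152, 32768)
            + s(addr) + struct.pack(">I", port)
            + s(orig_addr) + struct.pack(">I", orig_port))

def match_listeners(listeners, msg):
    """Names of client-side forwards this channel open could belong to."""
    key = (msg["address"], msg["port"])
    return [name for addr, requested, allocated, name in listeners
            if key in ((addr, requested), (addr, allocated))]

# Constructed client state: two dynamic forwards, both requested with port 0.
LISTENERS = [(b"localhost", 0, 40001, "web"), (b"localhost", 0, 40002, "db")]

if __name__ == "__main__":
    for port in (0, 40002):  # requested value vs. real allocated port
        raw = build_forwarded_tcpip(7, b"localhost", port, b"192.0.2.10", 51515)
        print(port, match_listeners(LISTENERS, parse_forwarded_tcpip(raw)))
```

With port 0 in the message both forwards match, so the client has no basis for choosing a destination; with the allocated port exactly one matches.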