[Bug 1804] ssh option -R 127.0.0.2:10443:<dest ip>:443 does not work

bugzilla-daemon at bugzilla.mindrot.org bugzilla-daemon at bugzilla.mindrot.org
Sun Aug 8 18:43:33 EST 2010


https://bugzilla.mindrot.org/show_bug.cgi?id=1804

--- Comment #4 from Walter.Pfannenmueller at siemens.com  ---
I'm not sure.
Just reading the ssh man pages for -R


     -R [bind_address:]port:host:hostport
....
             Specifying a remote bind_address will only succeed if the
             server's GatewayPorts option is enabled (see
sshd_config(5)).

tells me, my specified bind_address will only succeed, if
GatewayPorts is enabled.

But this means all Port forwarding will result in global listeners
on the target machine. This is not, what I want.

Therefore a suggestion for a solution might be:

GatewayPorts no:

Allow and use 
bind_address only if it is a localhost (e.g. 127.*) address.

GatewayPorts yes:
just use bind_address.

But you probably should change the man pages as well, then.

Please tell me, if I'm totally wrong.

-- 
Configure bugmail: https://bugzilla.mindrot.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are watching the assignee of the bug.
You are watching someone on the CC list of the bug.


More information about the openssh-bugs mailing list