[Bug 2272] New: Global "PermitTunnel Yes" required to connect to a tunnel

bugzilla-daemon at mindrot.org bugzilla-daemon at mindrot.org
Tue Sep 9 17:55:43 EST 2014


            Bug ID: 2272
           Summary: Global "PermitTunnel Yes" required to connect to a
           Product: Portable OpenSSH
           Version: 6.6p1
          Hardware: amd64
                OS: Linux
            Status: NEW
          Severity: major
          Priority: P5
         Component: sshd
          Assignee: unassigned-bugs at mindrot.org
          Reporter: joe9mail at gmail.com


When a tun0 device is created with the below commands on the server:

ip tuntap add dev tun0 mode tun user sshuser group sshusers
ip link set dev tun0 up
ip addr add dev tun0 local peer

and ssh is started with this command from the client:

ssh -NTC -w 0:0 -o Tunnel=point-to-point sshuser@<ip-address>

Working extract from sshd_config:

PermitTunnel yes
Match User sshuser
   PermitTunnel yes

NOT Working extract from sshd_config (below is the message):
PermitTunnel no
Match User sshuser
   PermitTunnel yes

The error message with a -v is:
debug1: Remote: Server has rejected tunnel device forwarding


You are receiving this mail because:
You are watching the assignee of the bug.

More information about the openssh-bugs mailing list