Wide-open local port forwarding - SSH



  1. Wide-open local port forwarding

    Hey!
    I tried to set up an ssh tunnel open for all users, not only local:
    $ ssh myserver
    myserver$ ssh -g -L 60022:localhost:22 localhost

    then it works for local users:
    myserver$ ssh -p 60022 localhost
    Enter password....

    but not for any outside user (doing from home 'ssh -p 60022 myserver'
    doesn't work)

    What's wrong? (note the -g flag IS present)...

    Thanks.

    Jarek.


  2. Re: Wide-open local port forwarding

    I have vague memories of a problem like this where putting the
    external IP instead of localhost did the trick - but I can't remember
    if it was the same problem that I was trying to solve.

    It looks like you're trying to make SSH available on port 60022 as
    well as 22. If this is the case, then you'll be better off with a
    firewall rule along these lines:

    iptables -t nat -A PREROUTING -p tcp --dport 60022 -j REDIRECT --to-ports 22

    If you're trying to forward any old port, try running the ssh process
    with the -v option and see if it sees the incoming connection to port
    60022. If not then there may be a firewall blocking things somewhere.

    If that doesn't work, post the output of the ssh process which is
    forwarding the ports and the ssh process (use -v again) which is
    trying to connect, then it'll be easier for us to work out what's
    going on.

    Hope that helps!


    ~Ed
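
An added example, not part of either post: before looking at firewalls, check on myserver which address the forwarding listener on port 60022 is actually bound to, since `-g` is meant to move it from loopback to all interfaces. The `bind_scope` helper and both sample tables are constructed for illustration and assume the `ss -ltn` output layout from iproute2.

```sh
#!/bin/sh
# bind_scope PORT  (reads `ss -ltn` output on stdin)
# Prints where the TCP listener on PORT is bound:
#   all-interfaces : wildcard bind; remote hosts can reach it unless a
#                    firewall drops the traffic first
#   loopback-only  : only local users can connect (-g / GatewayPorts
#                    is not in effect for this listener)
#   specific:ADDR  : bound to one non-loopback address
#   not-listening  : nothing is listening on that port
bind_scope() {
    awk -v port="$1" '
        $1 == "LISTEN" {
            # Column 4 is "addr:port"; IPv6 addresses contain colons,
            # so the port is whatever follows the last one.
            n = split($4, parts, ":")
            if (parts[n] != port) next
            addr = substr($4, 1, length($4) - length(parts[n]) - 1)
            if (addr == "0.0.0.0" || addr == "*" || addr == "[::]" || addr == "::")
                wild = 1
            else if (addr ~ /^127\./ || addr == "[::1]" || addr == "::1")
                loop = 1
            else
                other = addr
        }
        END {
            if (wild)             print "all-interfaces"
            else if (other != "") print "specific:" other
            else if (loop)        print "loopback-only"
            else                  print "not-listening"
        }'
}

# Constructed sample: forward listening on loopback only.
SAMPLE_LOOPBACK='State  Recv-Q Send-Q Local Address:Port Peer Address:Port
LISTEN 0      128    127.0.0.1:60022    0.0.0.0:*
LISTEN 0      128    [::1]:60022        [::]:*
LISTEN 0      128    0.0.0.0:22         0.0.0.0:*'

# Constructed sample: forward listening on every interface.
SAMPLE_WILDCARD='State  Recv-Q Send-Q Local Address:Port Peer Address:Port
LISTEN 0      128    0.0.0.0:60022      0.0.0.0:*
LISTEN 0      128    0.0.0.0:22         0.0.0.0:*'

printf '%s\n' "$SAMPLE_LOOPBACK" | bind_scope 60022
printf '%s\n' "$SAMPLE_WILDCARD" | bind_scope 60022
# On the real host: ss -ltn | bind_scope 60022
```

A `loopback-only` result points at the forwarding setup itself, while `all-interfaces` combined with failing remote connections points at filtering between the client and the server.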
