From owner-ssh@clinet.fi  Wed May 30 17:24:53 2001
Received: from smtp1.clinet.fi (smtp1.clinet.fi [194.100.2.57])
	by hutcs.cs.hut.fi (8.9.3/8.9.3) with ESMTP id RAA12207
	for <ssh-archiver@cs.hut.fi>; Wed, 30 May 2001 17:24:53 +0300 (EET DST)
Received: from mail.clinet.fi (mail.clinet.fi [194.100.0.7])
	by smtp1.clinet.fi (Postfix) with ESMTP
	id BDBD2211BA; Wed, 30 May 2001 17:24:52 +0300 (EEST)
Received: (from majordom@localhost)
	by mail.clinet.fi (8.9.3/8.9.3) id RAA28397
	for ssh-outgoing; Wed, 30 May 2001 17:07:40 +0300
Received: from faui02.informatik.uni-erlangen.de (msfriedl@faui02.informatik.uni-erlangen.de [131.188.30.102])
	by mail.clinet.fi (8.9.3/8.9.3) with ESMTP id RAA28390
	for <ssh@clinet.fi>; Wed, 30 May 2001 17:07:38 +0300
Received: (from msfriedl@localhost)
	by faui02.informatik.uni-erlangen.de (8.9.1/8.1.16-FAU) id QAA05078
	for ssh@clinet.fi; Wed, 30 May 2001 16:07:32 +0200 (MET DST)
Date: Wed, 30 May 2001 16:07:32 +0200
From: Markus Friedl <Markus.Friedl@informatik.uni-erlangen.de>
To: ssh@clinet.fi
Subject: Re: ssh -g with -L and -R
Message-ID: <20010530160732.A23874@faui02.informatik.uni-erlangen.de>
References: <20010530084115.A24275@stocks.pillory.com>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
In-Reply-To: <20010530084115.A24275@stocks.pillory.com>; from jackmc-openssh@lorentz.com on Wed, May 30, 2001 at 08:41:15AM -0500
Sender: owner-ssh@clinet.fi
Precedence: bulk

for -R style forwarding it's a server policy issue.
the server decides whether to listen to localhost
or to all interfaces, so -g on the client side
does not help. however, for openssh's sshd you can
use Gatewayports=yes in sshd_config.

-m


On Wed, May 30, 2001 at 08:41:15AM -0500, Jack McKinney wrote:
>      Scenario:
> 
>          A------B-----<Internet>-----C-----D
> 
>      If I am on B and execute:
> 
> ssh C -g -L 6000:D:6000
> 
>      Then I can connect to B:6000 from A and reach D:6000
> 
>      However, if I am on C and execute:
> 
> ssh B -g -R 6000:D:6000
> 
>      I should be able to do the same thing: connect to B:6000 from A
> and reach D:6000.  However, I cannot.  If I look at netstat -ant on B,
> I see:
> 
> tcp        0      0 127.0.0.1:6000          0.0.0.0:*               LISTEN      
> 
>      The '-g' flag is getting ignored for '-R', but it works for '-L'.
> Am I doing something wrong?
> 
> --
> JFByers: You're talking about a premeditated crime      Jack McKinney
>          against the United States government.          jackmc@lorentz.com
> Frohike: Hey, your second one today.  Welcome to the Dark Side.
> 1024D/D68F2C07 4096g/38AEF076        http://www.lorentz.com
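
An added example, not part of the original thread: a shell check for the server-side policy described above, reporting the global GatewayPorts value from sshd_config text and whether a forwarded port's listener in `netstat -ant` output is loopback-only or reachable on other interfaces. The function names and sample inputs are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the thread). Sample inputs below are constructed.

# Global GatewayPorts value from sshd_config text on stdin.
# sshd keeps the first value it sees for a keyword, keywords are
# case-insensitive, "Key value" and "Key=value" both parse; default "no".
gatewayports_setting() {
    awk '
        /^[ \t]*#/ { next }
        tolower($1) == "match" { exit }   # only the global section
        {
            line = $0; sub(/^[ \t]+/, "", line)
            n = split(line, kv, /[ \t=]+/)
            if (n >= 2 && tolower(kv[1]) == "gatewayports") {
                print tolower(kv[2]); found = 1; exit
            }
        }
        END { if (!found) print "no" }'
}

# Scope of the listener on PORT, from `netstat -ant` text on stdin:
# "loopback", "exposed" (any non-loopback bind) or "none".
forward_scope() {
    awk -v port="$1" '
        $6 == "LISTEN" {
            n = split($4, p, ":")
            if (p[n] != port) next
            host = substr($4, 1, length($4) - length(p[n]) - 1)
            if (host ~ /^127\./ || host == "::1") lo = 1; else wide = 1
        }
        END { print (wide ? "exposed" : (lo ? "loopback" : "none")) }'
}

# Constructed samples: the listener line quoted in the thread, and the
# same forward after the server is set to bind all interfaces.
NETSTAT_DEFAULT='tcp        0      0 127.0.0.1:6000          0.0.0.0:*               LISTEN'
NETSTAT_GATEWAY='tcp        0      0 0.0.0.0:6000            0.0.0.0:*               LISTEN'
CONFIG_GATEWAY='# constructed sshd_config fragment
GatewayPorts=yes'

printf '%s\n' "$CONFIG_GATEWAY"  | gatewayports_setting   # yes
printf '%s\n' "$NETSTAT_DEFAULT" | forward_scope 6000     # loopback
printf '%s\n' "$NETSTAT_GATEWAY" | forward_scope 6000     # exposed
```

On a live host, feed the functions the server's own sshd_config and the output of `netstat -ant`; an "exposed" result means any host that can reach that interface can use the forward.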


